CVE-2025-46153

EPSS 0.04%
Veröffentlicht 25.09.2025 15:16:12
Zuletzt bearbeitet 03.10.2025 17:56:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallback_random=True.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linuxfoundation ≫ Pytorch Update- SwPlatformpython Version >= 2.6.0 < 2.7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.109

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-1176 Inefficient CPU Computation

The product performs CPU computations using algorithms that are not as efficient as they could be for the needs of the developer, i.e., the computations can be optimized further.

https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a

Third Party Advisory

https://gist.github.com/shaoyuyoung/e636f2e7a306105b7e96809e2b85c28a

Third Party Advisory

https://github.com/pytorch/pytorch/compare/v2.6.0...v2.7.0

Product

https://github.com/pytorch/pytorch/issues/142853

Issue Tracking

https://github.com/pytorch/pytorch/pull/143460

Patch

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2025-46153

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-46153

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-46153

EUVD