CVE-2025-46153

EPSS 0.04%
Published 25.09.2025 15:16:12
Last modified 03.10.2025 17:56:58
Source cve@mitre.org
Teams watchlist Login
Open Login

PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallback_random=True.

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linuxfoundation ≫ Pytorch Update- SwPlatformpython Version >= 2.6.0 < 2.7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.109

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-1176 Inefficient CPU Computation

The product performs CPU computations using algorithms that are not as efficient as they could be for the needs of the developer, i.e., the computations can be optimized further.

https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a

Third Party Advisory

https://gist.github.com/shaoyuyoung/e636f2e7a306105b7e96809e2b85c28a

Third Party Advisory

https://github.com/pytorch/pytorch/compare/v2.6.0...v2.7.0

Product

https://github.com/pytorch/pytorch/issues/142853

Issue Tracking

https://github.com/pytorch/pytorch/pull/143460

Patch

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2025-46153

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-46153

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-46153

EUVD