Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d282ee1d by Salvatore Bonaccorso at 2025-09-28T13:51:12+02:00
Add Debian bug reference for pytorch issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -712,7 +712,7 @@ CVE-2025-57446 (An issue in O-RAN Near Realtime RIC
ric-plt-submgr in the J-Rele
CVE-2025-57317 (apidoc-core is the core parser library to generate apidoc
result follo ...)
TODO: check
CVE-2025-55560 (An issue in pytorch v2.7.0 can lead to a Denial of Service
(DoS) when ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116531)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/151522
@@ -723,7 +723,7 @@ CVE-2025-55559 (An issue was discovered TensorFlow v2.18.0.
A Denial of Service
NOTE: https://github.com/tensorflow/tensorflow/issues/84205
NOTE: Negligible security impact
CVE-2025-55558 (A buffer overflow occurs in pytorch v2.7.0 when a PyTorch
model consis ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116532)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/151523
@@ -731,7 +731,7 @@ CVE-2025-55558 (A buffer overflow occurs in pytorch v2.7.0
when a PyTorch model
NOTE:
https://github.com/pytorch/pytorch/commit/68a7501dabb147d9fe7f343a33e1b91bacd3682b
(v2.8.0-rc1)
NOTE:
https://github.com/pytorch/pytorch/commit/1eea2c4fe35ffbdcbfccbeb7ac6c3ec02137385d
(v2.9.0-rc1)
CVE-2025-55557 (A Name Error occurs in pytorch v2.7.0 when a PyTorch model
consists of ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116533)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/151738
@@ -741,43 +741,43 @@ CVE-2025-55556 (TensorFlow v2.18.0 was discovered to
output random results when
- tensorflow <unfixed>
NOTE: https://github.com/tensorflow/tensorflow/issues/82317
CVE-2025-55554 (pytorch v2.8.0 was discovered to contain an integer overflow
in the co ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116534)
NOTE: https://github.com/pytorch/pytorch/issues/151510
CVE-2025-55553 (A syntax error in the component proxy_tensor.py of pytorch
v2.7.0 allo ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116535)
NOTE: https://github.com/pytorch/pytorch/issues/151432
NOTE: https://github.com/pytorch/pytorch/pull/154645
NOTE:
https://github.com/pytorch/pytorch/commit/f9dc20c7a3409865ff72c02575068edc1797473f
(v2.8.0-rc1)
CVE-2025-55552 (pytorch v2.8.0 was discovered to display unexpected behavior
when the ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116536)
NOTE: https://github.com/pytorch/pytorch/issues/147847
CVE-2025-55551 (An issue in the component torch.linalg.lu of pytorch v2.8.0
allows att ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116537)
NOTE: https://github.com/pytorch/pytorch/issues/151401
CVE-2025-48707 (An issue was discovered in Stormshield Network Security (SNS)
before 5 ...)
NOT-FOR-US: Stormshield Network Security (SNS)
CVE-2025-46153 (PyTorch before 3.7.0 has a bernoulli_p decompose function in
decomposi ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116538)
NOTE: https://github.com/pytorch/pytorch/issues/142853
NOTE: https://github.com/pytorch/pytorch/pull/143460
NOTE: Fixed by:
https://github.com/pytorch/pytorch/commit/288aa873831057b1eb7d747914ec4fdc76c23a80
(v2.7.0-rc1)
CVE-2025-46152 (In PyTorch before 2.7.0, bitwise_right_shift produces
incorrect output ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116539)
NOTE: https://github.com/pytorch/pytorch/issues/143555
NOTE: https://github.com/pytorch/pytorch/pull/143635
NOTE: Fixed by:
https://github.com/pytorch/pytorch/commit/607884c9afeb29fd230ed2fbadae92377e47dc97
(v2.7.0-rc1)
CVE-2025-46150 (In PyTorch before 2.7.0, when torch.compile is used,
FractionalMaxPool ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116540)
NOTE: https://github.com/pytorch/pytorch/issues/141538
NOTE: https://github.com/pytorch/pytorch/pull/144395
NOTE: Fixed by:
https://github.com/pytorch/pytorch/commit/ccc2878c978258ec88f7ec591305ba5b13e06579
(v2.7.0-rc1)
CVE-2025-46149 (In PyTorch before 2.7.0, when inductor is used, nn.Fold has an
asserti ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116541)
NOTE: https://github.com/pytorch/pytorch/issues/147848
NOTE: https://github.com/pytorch/pytorch/pull/147961
NOTE: Fixed by:
https://github.com/pytorch/pytorch/commit/be830c8b1c496277491bbbdd40a5cb35de17d5fb
(v2.7.0-rc1)
CVE-2025-46148 (In PyTorch through 2.6.0, when eager is used,
nn.PairwiseDistance(p=2) ...)
- - pytorch <unfixed>
+ - pytorch <unfixed> (bug #1116543)
NOTE: https://github.com/pytorch/pytorch/issues/151198
NOTE: https://github.com/pytorch/pytorch/pull/152993
NOTE: Fixed by:
https://github.com/pytorch/pytorch/commit/e5f869999cf5429e24fbb5c3923a5c795549b9e7
(v2.8.0-rc1)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d282ee1d057d5f3959bbacf7dd4e43a5fecdb33a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d282ee1d057d5f3959bbacf7dd4e43a5fecdb33a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
