CVE-2025-2148
Published: 10 March 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-2148 is a critical vulnerability in PyTorch version 2.6.0+cu124, affecting the function torch.ops.profiler._call_end_callbacks_on_jit_fut within the Tuple Handler component. The issue stems from manipulation of the argument None, resulting in memory corruption classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer). It carries a CVSS v3.1 base score of 5.0 (AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) and was published on 2025-03-10.
Remote attackers with no privileges can exploit this vulnerability, though it requires high attack complexity and user interaction. Successful exploitation has limited impact: low confidentiality, integrity, and availability effects, all resulting from memory corruption.
Advisories and further details are available in the referenced sources, including PyTorch GitHub issues at https://github.com/pytorch/pytorch/issues/147722 and VulDB entries at https://vuldb.com/?ctiid.299059, https://vuldb.com/?id.299059, and https://vuldb.com/?submit.505959, which security practitioners should consult for patch information and mitigation guidance.
Details
- CWE(s)
Affected Products
AI Security Analysis
- AI Category: Deep Learning Frameworks
- Risk Domain: Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025: None mapped
- MITRE ATLAS Techniques: None mapped
- Classification Reason: PyTorch is a widely used deep learning framework, and the vulnerability affects a core component (torch.ops.profiler._call_end_callbacks_on_jit_fut) involving tuple handling and JIT operations, confirming it as AI-related in the deep learning domain.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The remote memory corruption vulnerability (CWE-119) in PyTorch's profiler function causes a segmentation fault and crash when the function is manipulated with a None argument, enabling application-level denial of service.