CVE-2025-4287
PyTorch nccl.py torch.cuda.nccl.reduce denial of service
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
PyTorch nccl.py torch.cuda.nccl.reduce denial of service
A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function torch.cuda.nccl.reduce of the file torch/cuda/nccl.py. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The patch is identified as 5827d2061dcb4acd05ac5f8e65d8693a481ba0f5. It is recommended to apply a patch to fix this issue.
Eine problematische Schwachstelle wurde in PyTorch 2.6.0+cu124 ausgemacht. Hierbei geht es um die Funktion torch.cuda.nccl.reduce der Datei torch/cuda/nccl.py. Durch Beeinflussen mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur öffentlichen Verfügung. Der Patch wird als 5827d2061dcb4acd05ac5f8e65d8693a481ba0f5 bezeichnet. Als bestmögliche Massnahme wird Patching empfohlen.
| 2025-05-05: | Advisory disclosed |
| 2025-05-05: | VulDB entry created |
| 2025-05-05: | VulDB entry last update |
Default436352 (VulDB User)
vuldb.com/?id.307394 (VDB-307394 | PyTorch nccl.py torch.cuda.nccl.reduce denial of service)
vuldb.com/?ctiid.307394 (VDB-307394 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/?submit.553644 (Submit #553644 | pytorch pytorch (in torch.cuda.nccl.reduce) 2.6.0 Denial of Service)
github.com/pytorch/pytorch/issues/150836
github.com/pytorch/pytorch/pull/150923
github.com/pytorch/pytorch/issues/150836
github.com/...ommit/5827d2061dcb4acd05ac5f8e65d8693a481ba0f5
Support options
