CVE-2025-63396

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions PyTorch versions 2.5 and 2.7.1

Description An issue exists where omitting profiler.stop() can cause torch.profiler.profile (PythonTracer) to crash or hang during finalization, potentially leading to a Denial of Service (DoS).

Recommendations Ensure profiler.stop() is called to prevent crashes or hangs during finalization for PyTorch version 2.5. Ensure profiler.stop() is called to prevent crashes or hangs during finalization for PyTorch version 2.7.1.

Exploit

Fix

DoS

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

BIT-PYTORCH-2025-63396

CVE-2025-63396

PYSEC-2025-210

Affected Products

Debian

Pytorch

CVE-2025-63396

Weakness Enumeration

Related Identifiers

Affected Products

References · 14