Login Sign Up

CVE-2025-3001

5.3 MEDIUM

📋 TL;DR

A critical memory corruption vulnerability in PyTorch's torch.lstm_cell function allows local attackers to potentially execute arbitrary code or crash applications. This affects systems running PyTorch 2.6.0 where the vulnerable function is used. The vulnerability requires local access to exploit.

💻 Affected Systems

Products:
  • PyTorch
Versions: 2.6.0
Operating Systems: All platforms running PyTorch
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where torch.lstm_cell function is called. All installations of PyTorch 2.6.0 are vulnerable if this function is used.

📦 What is this software?

Pytorch by Linuxfoundation

View all CVEs affecting Pytorch →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation leading to full system compromise, arbitrary code execution, or denial of service.

🟠

Likely Case

Application crashes, memory corruption leading to unstable behavior, or limited local code execution within the PyTorch process context.

🟢

If Mitigated

Contained impact within the PyTorch process with no privilege escalation if proper sandboxing and least privilege are implemented.

🌐 Internet-Facing: LOW - Requires local access to exploit, cannot be triggered remotely.
🏢 Internal Only: MEDIUM - Local users or processes could exploit this to compromise systems or disrupt services using PyTorch.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploit details are publicly disclosed on GitHub. Requires local access and knowledge of how to trigger the vulnerable function.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: PyTorch 2.6.1 or later

Vendor Advisory: https://github.com/pytorch/pytorch/issues/149626

Restart Required: Yes

Instructions:

1. Update PyTorch using pip: 'pip install --upgrade torch==2.6.1' 2. Restart all applications and services using PyTorch. 3. Verify the update was successful.

🔧 Temporary Workarounds

Avoid torch.lstm_cell usage

all

Temporarily avoid using the vulnerable torch.lstm_cell function until patched.

Sandbox PyTorch processes

linux

Run PyTorch in isolated containers or with restricted permissions to limit potential damage.

docker run --security-opt no-new-privileges pytorch-container

🧯 If You Can't Patch

  • Implement strict access controls to limit local user access to systems running PyTorch.
  • Monitor for abnormal process behavior or crashes in PyTorch applications.

🔍 How to Verify

Check if Vulnerable:

Check PyTorch version: 'python -c "import torch; print(torch.__version__)"' - if output is '2.6.0', system is vulnerable.

Check Version:

python -c "import torch; print(torch.__version__)"

Verify Fix Applied:

After update, verify version is 2.6.1 or later: 'python -c "import torch; print(torch.__version__)"'

📡 Detection & Monitoring

Log Indicators:

  • Segmentation faults in PyTorch processes
  • Memory access violation errors
  • Abnormal termination of PyTorch applications

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Process termination with exit code 139 (SIGSEGV) AND process_name contains 'python' AND command_line contains 'torch'

📊 Metadata

CVE ID: CVE-2025-3001
CVSS v3 Score: 5.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-119
EPSS Score: 0.18% exploit probability (39.9th percentile)
Published: March 31, 2025
Last Updated: May 29, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-3001, you might also want to check these:

CVE-2024-23613 10.0

A critical buffer overflow vulnerability in Symantec Deployment Solution 7.9 allows remote, unauthen...

Same vulnerability type (CWE-119)
CVE-2024-23615 10.0

A critical buffer overflow vulnerability in Symantec Messaging Gateway allows remote unauthenticated...

Same vulnerability type (CWE-119)
CVE-2026-2776 10.0

This CVE describes a sandbox escape vulnerability in Firefox's Telemetry component due to incorrect ...

Same vulnerability type (CWE-119)