CVE-2025-63396
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-12
Last updated on: 2026-01-02
Assigner: MITRE
Description
Description
An issue was discovered in PyTorch v2.5 and v2.7.1. Omission of profiler.stop() can cause torch.profiler.profile (PythonTracer) to crash or hang during finalization, leading to a Denial of Service (DoS).
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linuxfoundation | pytorch | 2.5.0 |
| linuxfoundation | pytorch | 2.7.1 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-667 | The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in PyTorch versions 2.5 and 2.7.1 where failing to call profiler.stop() can cause the torch.profiler.profile (PythonTracer) to crash or hang during its finalization process. This leads to a Denial of Service (DoS) condition.
How can this vulnerability impact me? :
The impact of this vulnerability is a Denial of Service (DoS), meaning that the affected PyTorch profiling functionality can crash or become unresponsive, potentially disrupting applications or services that rely on it.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70