CVE-2025-55558 in PyTorchinfo

Summary

by MITRE • 09/25/2025

A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv() and is compiled by Inductor, leading to a Denial of Service (DoS).

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 09/30/2025

The vulnerability identified as CVE-2025-55558 represents a critical buffer overflow condition within the PyTorch deep learning framework version 2.7.0. This flaw manifests specifically when neural network models incorporate a combination of torch.nn.Conv2d layers, torch.nn.functional.hardshrink activation functions, and torch.Tensor.view operations followed by torch.mv() matrix-vector operations. The issue emerges during the compilation phase when the Inductor compiler optimizes these operations, creating a scenario where memory boundaries are exceeded, potentially leading to system instability and denial of service conditions.

The technical root cause of this vulnerability stems from inadequate input validation and memory management within the Inductor compiler's optimization routines. When processing the specified combination of operations, the compiler fails to properly calculate buffer sizes required for the intermediate computations, particularly during the transition from tensor view operations to matrix-vector multiplication. This oversight creates a scenario where the compiled code attempts to write data beyond allocated memory boundaries, resulting in memory corruption that can trigger program termination or system crashes. The vulnerability aligns with CWE-121, which describes stack-based buffer overflow conditions, and CWE-787, which covers out-of-bounds write vulnerabilities in heap-based memory structures.

The operational impact of this vulnerability extends beyond simple denial of service, as it can affect any application relying on PyTorch's automated optimization capabilities. Systems utilizing machine learning models with the specified layer configurations become susceptible to crashes when processing certain inputs, potentially disrupting critical services in production environments. Attackers could exploit this weakness by crafting malicious model configurations or input data that triggers the specific execution path leading to the buffer overflow. The vulnerability particularly affects applications in computer vision, image processing, and any domain where Conv2d layers combined with hardshrink activation functions are employed, making it a significant concern for organizations deploying PyTorch-based solutions.

Mitigation strategies for this vulnerability require immediate attention from system administrators and developers. The primary recommendation involves upgrading to PyTorch version 2.7.1 or later, where the buffer overflow has been addressed through improved memory boundary checks and enhanced compiler optimizations. Organizations should also implement runtime monitoring to detect potential buffer overflow conditions and establish robust error handling mechanisms that can gracefully manage memory-related exceptions. Additionally, the use of automated security scanning tools during model development can help identify problematic layer combinations before deployment. From an ATT&CK framework perspective, this vulnerability maps to T1499.004, which covers network denial of service attacks, and T1595.001, involving network reconnaissance through system information gathering, as attackers may attempt to identify vulnerable systems for exploitation.

Responsible

MITRE

Reservation

08/13/2025

Disclosure

09/25/2025

Moderation

accepted

CPE

ready

EPSS

0.00420

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!