CVE-2025-3136— PyTorch CUDACachingAllocator.cpp torch.cuda.memory.caching_allocator_delete memory corruption

CVSS 3.3 · Low EPSS 0.15% · P35 Updated Apr 08, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-3136

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

PyTorch CUDACachingAllocator.cpp torch.cuda.memory.caching_allocator_delete memory corruption

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

内存缓冲区边界内操作的限制不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

PyTorch 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

PyTorch是PyTorch开源的一个 Python 包。 PyTorch 2.6.0版本存在安全漏洞，该漏洞源于内存损坏。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	PyTorch	2.6.0	-

II. Public POCs for CVE-2025-3136

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-3136

请登录查看更多情报信息。

Same Patch Batch · n/a · 2025-04-03 · 28 CVEs total

CVE-2025-3169	5.0 MEDIUM	Projeqtor saveAttachment.php unrestricted upload
CVE-2025-3177	5.0 MEDIUM	FastCMS JWT hard-coded key
CVE-2025-3145	3.3 LOW	MindSpore mindspore.numpy.fft.rfft2 memory corruption
CVE-2025-3144	3.3 LOW	MindSpore mindspore.numpy.fft.hfftn memory corruption
CVE-2024-47213		Enrich 安全漏洞
CVE-2024-47214		Iglu Server 安全漏洞
CVE-2024-47212		Iglu Server 安全漏洞
CVE-2024-47217		Iglu Server 安全漏洞
CVE-2024-47215		Snowbridge 安全漏洞
CVE-2024-45198		insightsoftware Spark JDBC 安全漏洞
CVE-2024-45199		insightsoftware Hive JDBC 安全漏洞
CVE-2024-56528		Scala Stream Collector 安全漏洞
CVE-2024-22611		OpenEMR 安全漏洞
CVE-2025-29064		TOTOLINK X18 安全漏洞
CVE-2025-29570		Shenzhen Libituo Technology LBT-T300-T400 安全漏洞
CVE-2025-29462		Tenda AC15 安全漏洞
CVE-2025-29369		Code-Projects Matrimonial Site 安全漏洞
CVE-2025-29647		SeaCMS 安全漏洞
CVE-2025-29504		student-manage 安全漏洞
CVE-2025-22926		Open Solutions For Education OS4Ed OpenSIS 安全漏洞

Showing top 20 of 28 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: PyTorch

Same vendor: n/a

Same weakness: CWE-119

V. Comments for CVE-2025-3136

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-3136— PyTorch CUDACachingAllocator.cpp torch.cuda.memory.caching_allocator_delete memory corruption

I. Basic Information for CVE-2025-3136

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-3136

III. Intelligence Information for CVE-2025-3136

Same Patch Batch · n/a · 2025-04-03 · 28 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-3136

Leave a comment