CVE-2024-31583

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-31583

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-31583.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-31583

Aliases

Downstream

DEBIAN-CVE-2024-31583

UBUNTU-CVE-2024-31583

Published

2024-04-17T19:15:07.950Z

Modified

2025-11-15T20:33:17.874139Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp.

References

Affected packages

Git / github.com/pytorch/pytorch

Affected ranges

Type: GIT
Repo: https://github.com/pytorch/pytorch
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

9c7071b0e324f9fb68ab881283d6b8d388a4bcd2

Affected versions

Other

bc2caa7fdf006894eff7af936babde69ab5a40f8-huydhn-debug

ciflow/inductor/3b9a386

ciflow/inductor/3d4b92b

ciflow/inductor/d224ac7

ciflow/periodic/054a2fd

ciflow/periodic/2a6d37d

ciflow/periodic/317eeb8

ciflow/periodic/3c32

ciflow/periodic/3e98831

ciflow/periodic/94512-point

ciflow/periodic/csl/test87519

ciflow/periodic/csltest88275

ciflow/periodic/csltest88761

ciflow/periodic/sha-ec5b83

ciflow/slow/01c7106

ciflow/slow/0577043

ciflow/slow/0d5b74da0cab798fbfdb9caa53fad816999c8386-sdym

ciflow/slow/0e81104

ciflow/slow/1732077

ciflow/slow/187eb7c

ciflow/slow/1faef89

ciflow/slow/3920ec1

ciflow/slow/3b7c6b2

ciflow/slow/59a3759

ciflow/slow/70ef0bb

ciflow/slow/788ff06

ciflow/slow/8751002215790a3a88750faa8f4366933e296693-sdym

ciflow/slow/9d85864

ciflow/slow/9ffad5b

ciflow/slow/a206e8b

ciflow/slow/a837609

ciflow/slow/af841f3

ciflow/slow/da3aba1e46157c4df504b067477cdf2b3c96b194-sdym

ciflow/unstable/123

malfet/tag-2ef5611

malfet/tag-317b1a0

malfet/tag-ec6f767

nightly-binary

v0.*

v0.1.1

v0.1.10

v0.1.11

v0.1.2

v0.1.3

v0.1.4

v0.1.5

v0.1.6

v0.1.7

v0.1.8

v0.1.9

v1.*

v1.0.0a0

v1.0rc0

v1.0rc1

v1.1.0a0

v1.2.0a0

v1.3.0a0

v1.4.0a0

v1.8.0-rc1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-31583.json"

vanir_signatures

[
    {
        "deprecated": false,
        "id": "CVE-2024-31583-aad0f3a9",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "171281326269689921682436190839311291909",
                "121189681070032044894008676224246023172",
                "104354271034547263340410601184272323230"
            ]
        },
        "signature_version": "v1",
        "target": {
            "file": "torch/csrc/jit/mobile/interpreter.cpp"
        },
        "source": "https://github.com/pytorch/pytorch/commit/9c7071b0e324f9fb68ab881283d6b8d388a4bcd2",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "id": "CVE-2024-31583-d97f5c85",
        "digest": {
            "length": 5454.0,
            "function_hash": "60056572103566064283522839713397962286"
        },
        "signature_version": "v1",
        "target": {
            "function": "InterpreterState::run",
            "file": "torch/csrc/jit/mobile/interpreter.cpp"
        },
        "source": "https://github.com/pytorch/pytorch/commit/9c7071b0e324f9fb68ab881283d6b8d388a4bcd2",
        "signature_type": "Function"
    }
]