CVE-2025-2999
- Source
- https://cve.org/CVERecord?id=CVE-2025-2999
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-2999.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-2999
- Aliases
- Downstream
- Published
- 2025-03-31T14:31:04.982Z
- Modified
- 2026-05-01T04:27:23.728371Z
- Severity
-
- 4.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- PyTorch torch.nn.utils.rnn.unpack_sequence memory corruption
- Details
-
A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/2xxx/CVE-2025-2999.json", "cna_assigner": "VulDB", "cwe_ids": [ "CWE-119" ] }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/2xxx/CVE-2025-2999.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-2999
- https://vuldb.com/?id.302048
- https://vuldb.com/?submit.524198
- https://github.com/pytorch/pytorch/issues/149622
- https://github.com/pytorch/pytorch/issues/149622#issue-2935495265
- https://vuldb.com/?ctiid.302048
Affected packages
Git / github.com/pytorch/pytorch
Affected versions
Other
bc2caa7fdf006894eff7af936babde69ab5a40f8-huydhn-debug
ciflow/inductor/3b9a386
ciflow/inductor/3d4b92b
ciflow/inductor/d224ac7
ciflow/periodic/054a2fd
ciflow/periodic/2a6d37d
ciflow/periodic/317eeb8
ciflow/periodic/3c32
ciflow/periodic/3e98831
ciflow/periodic/94512-point
ciflow/periodic/csl/test87519
ciflow/periodic/csltest88275
ciflow/periodic/csltest88761
ciflow/periodic/sha-ec5b83
ciflow/slow/01c7106
ciflow/slow/0577043
ciflow/slow/0d5b74da0cab798fbfdb9caa53fad816999c8386-sdym
ciflow/slow/0e81104
ciflow/slow/1732077
ciflow/slow/187eb7c
ciflow/slow/1faef89
ciflow/slow/3920ec1
ciflow/slow/3b7c6b2
ciflow/slow/59a3759
ciflow/slow/70ef0bb
ciflow/slow/788ff06
ciflow/slow/8751002215790a3a88750faa8f4366933e296693-sdym
ciflow/slow/9d85864
ciflow/slow/9ffad5b
ciflow/slow/a206e8b
ciflow/slow/a837609
ciflow/slow/af841f3
ciflow/slow/da3aba1e46157c4df504b067477cdf2b3c96b194-sdym
ciflow/unstable/123
cslpull75
cslpull76
cslpull77
cslpull78
cslpull79
cslpull80
cslpull81
cslpull82
cslpull83
cslpull84
cslpull85
cslpull86
cslpull87
cslpull88
cslpull89
cslpull90
cslpull91
cslpull92
forpull1
malfet/tag-2ef5611
malfet/tag-317b1a0
malfet/tag-ec6f767
nightly-binary
v0.*
v0.1.1
v0.1.10
v0.1.11
v0.1.2
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v1.*
v1.0.0a0
v1.0rc0
v1.0rc1
v1.1.0a0
v1.2.0a0
v1.3.0a0
v1.4.0a0
v1.8.0-rc1
v2.*
v2.6.0
v2.6.0-rc1
v2.6.0-rc2
v2.6.0-rc3
v2.6.0-rc5
v2.6.0-rc6
v2.6.0-rc7
v2.6.0-rc8
v2.6.0-rc9