[Git][security-tracker-team/security-tracker][master] Mark several CVEs for pytorch as postponed for bullseye
Utkarsh Gupta (@utkarsh)
utkarsh at debian.org
Sun Dec 7 13:42:54 GMT 2025
Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d8d128e5 by Utkarsh Gupta at 2025-12-07T19:12:32+05:30
Mark several CVEs for pytorch as postponed for bullseye
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5424,6 +5424,7 @@ CVE-2025-63396 (An issue was discovered in PyTorch v2.5 and v2.7.1. Omission of
- pytorch <unfixed> (bug #1120794)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
+ [bullseye] - pytorch <postponed> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/156563
CVE-2025-62484 (Inefficient regular expression complexity in certain Zoom Workplace Cl ...)
NOT-FOR-US: Zoom
@@ -22574,6 +22575,7 @@ CVE-2025-55560 (An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS)
- pytorch <unfixed> (bug #1116531)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
+ [bullseye] - pytorch <postponed> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/151522
NOTE: https://github.com/pytorch/pytorch/pull/151897
NOTE: https://github.com/pytorch/pytorch/commit/225742838bcbf4656a90010257062188f7fcae82 (v2.8.0-rc1)
@@ -22585,6 +22587,7 @@ CVE-2025-55558 (A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model
- pytorch <unfixed> (bug #1116532)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
+ [bullseye] - pytorch <postponed> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/151523
NOTE: https://github.com/pytorch/pytorch/pull/151887
NOTE: https://github.com/pytorch/pytorch/commit/68a7501dabb147d9fe7f343a33e1b91bacd3682b (v2.8.0-rc1)
@@ -22593,6 +22596,7 @@ CVE-2025-55557 (A Name Error occurs in pytorch v2.7.0 when a PyTorch model consi
- pytorch <unfixed> (bug #1116533)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
+ [bullseye] - pytorch <postponed> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/151738
NOTE: https://github.com/pytorch/pytorch/pull/151931
NOTE: https://github.com/pytorch/pytorch/commit/0a470dc7c148a6814b01d28094cd45147c6e5187 (v2.8.0-rc1)
@@ -22603,11 +22607,13 @@ CVE-2025-55554 (pytorch v2.8.0 was discovered to contain an integer overflow in
- pytorch <unfixed> (bug #1116534)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
+ [bullseye] - pytorch <postponed> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/151510
CVE-2025-55553 (A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allo ...)
- pytorch <unfixed> (bug #1116535)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
+ [bullseye] - pytorch <postponed> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/151432
NOTE: https://github.com/pytorch/pytorch/pull/154645
NOTE: https://github.com/pytorch/pytorch/commit/f9dc20c7a3409865ff72c02575068edc1797473f (v2.8.0-rc1)
@@ -22615,11 +22621,13 @@ CVE-2025-55552 (pytorch v2.8.0 was discovered to display unexpected behavior whe
- pytorch <unfixed> (bug #1116536)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
+ [bullseye] - pytorch <postponed> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/147847
CVE-2025-55551 (An issue in the component torch.linalg.lu of pytorch v2.8.0 allows att ...)
- pytorch <unfixed> (bug #1116537)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
+ [bullseye] - pytorch <postponed> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/151401
CVE-2025-48707 (An issue was discovered in Stormshield Network Security (SNS) before 5 ...)
NOT-FOR-US: Stormshield Network Security (SNS)
@@ -22627,6 +22635,7 @@ CVE-2025-46153 (PyTorch before 3.7.0 has a bernoulli_p decompose function in dec
- pytorch <unfixed> (bug #1116538)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
+ [bullseye] - pytorch <postponed> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/142853
NOTE: https://github.com/pytorch/pytorch/pull/143460
NOTE: Fixed by: https://github.com/pytorch/pytorch/commit/288aa873831057b1eb7d747914ec4fdc76c23a80 (v2.7.0-rc1)
@@ -22634,6 +22643,7 @@ CVE-2025-46152 (In PyTorch before 2.7.0, bitwise_right_shift produces incorrect
- pytorch <unfixed> (bug #1116539)
[trixie] - pytorch <no-dsa> (Minor issue)
[bookworm] - pytorch <no-dsa> (Minor issue)
+ [bullseye] - pytorch <postponed> (Minor issue)
NOTE: https://github.com/pytorch/pytorch/issues/143555
NOTE: https://github.com/pytorch/pytorch/pull/143635
NOTE: Fixed by: https://github.com/pytorch/pytorch/commit/607884c9afeb29fd230ed2fbadae92377e47dc97 (v2.7.0-rc1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8d128e5f251a3080daab5fc06abf42cbcba8da0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8d128e5f251a3080daab5fc06abf42cbcba8da0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251207/eeb4ecc3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list