[Git][security-tracker-team/security-tracker][master] add pytorch issues

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0fe24b98 by Moritz Muehlenhoff at 2025-09-26T16:00:15+02:00
add pytorch issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -178,13 +178,29 @@ CVE-2025-57446 (An issue in O-RAN Near Realtime RIC ric-plt-submgr in the J-Rele
 CVE-2025-57317 (apidoc-core is the core parser library to generate apidoc result follo ...)
 	TODO: check
 CVE-2025-55560 (An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when  ...)
-	TODO: check
+	- pytorch <unfixed>
+	[trixie] - pytorch <no-dsa> (Minor issue)
+	[bookworm] - pytorch <no-dsa> (Minor issue)
+	NOTE: https://github.com/pytorch/pytorch/issues/151522
+	NOTE: https://github.com/pytorch/pytorch/pull/151897
+	NOTE: https://github.com/pytorch/pytorch/commit/225742838bcbf4656a90010257062188f7fcae82 (v2.9.0-rc4)
 CVE-2025-55559 (An issue was discovered TensorFlow v2.18.0. A Denial of Service (DoS)  ...)
 	TODO: check
 CVE-2025-55558 (A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consis ...)
-	TODO: check
+	- pytorch <unfixed>
+	[trixie] - pytorch <no-dsa> (Minor issue)
+	[bookworm] - pytorch <no-dsa> (Minor issue)
+	NOTE: https://github.com/pytorch/pytorch/issues/151523
+	NOTE: https://github.com/pytorch/pytorch/pull/151887
+	NOTE: https://github.com/pytorch/pytorch/commit/68a7501dabb147d9fe7f343a33e1b91bacd3682b (v2.9.0-rc4)
+	NOTE: https://github.com/pytorch/pytorch/commit/1eea2c4fe35ffbdcbfccbeb7ac6c3ec02137385d (v2.9.0-rc4)
 CVE-2025-55557 (A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of ...)
-	TODO: check
+	- pytorch <unfixed>
+	[trixie] - pytorch <no-dsa> (Minor issue)
+	[bookworm] - pytorch <no-dsa> (Minor issue)
+	NOTE: https://github.com/pytorch/pytorch/issues/151738
+	NOTE: https://github.com/pytorch/pytorch/pull/151931
+	NOTE: https://github.com/pytorch/pytorch/commit/0a470dc7c148a6814b01d28094cd45147c6e5187 (v2.9.0-rc4)
 CVE-2025-55556 (TensorFlow v2.18.0 was discovered to output random results when compil ...)
 	TODO: check
 CVE-2025-55554 (pytorch v2.8.0 was discovered to contain an integer overflow in the co ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fe24b987bdf14da88bc7ed7afdc7c64d82d8108

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fe24b987bdf14da88bc7ed7afdc7c64d82d8108
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250926/90f6d08b/attachment.htm>