Description
PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Published: 2024-04-17
Score: 4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2024-1105 PyTorch heap buffer overflow vulnerability
Github GHSA Github GHSA GHSA-5pcm-hx3q-hm94 PyTorch heap buffer overflow vulnerability
History

Tue, 10 Jun 2025 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Linuxfoundation
Linuxfoundation pytorch
CPEs cpe:2.3:a:linuxfoundation:pytorch:*:*:*:*:*:python:*:*
Vendors & Products Linuxfoundation
Linuxfoundation pytorch

Sat, 29 Mar 2025 00:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}

Subscriptions

Linuxfoundation Pytorch
Pytorch Pytorch
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-03-28T23:47:41.729Z

Reserved: 2024-04-05T00:00:00.000Z

Link: CVE-2024-31580

cve-icon Vulnrichment

Updated: 2024-08-02T01:52:57.296Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-17T19:15:07.783

Modified: 2025-06-10T17:38:16.883

Link: CVE-2024-31580

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses