CVE-2025-46152

描述

In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" argument.

受影響套件(3)

• Bitnami/pytorch>= 2.6.0, < 2.7.0
• Debian/pytorchfrom 0
• PyPI/torch>= 2.6.0, < 2.7.0

CVSS 分數

參考連結(5)

• ADVISORYhttps://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2025-46152
• PATCHhttps://github.com/pytorch/pytorch/pull/143635
• REPORThttps://github.com/pytorch/pytorch/issues/143555
• WEBhttps://nvd.nist.gov/vuln/detail/CVE-2025-46152