Inconsistent Results in FractionalMaxPool2d in PyTorch Prior to 2.7.0
CVE-2025-46150

5.3MEDIUM

Key Information:

Vendor: PyTorch
Status: PyTorch
Vendor: CVE Published:; 25 September 2025

What is CVE-2025-46150?

Prior to version 2.7.0, PyTorch exhibits sporadic inconsistency in the results produced by the FractionalMaxPool2d function when utilizing torch.compile. This variability can lead to discrepancies in model performance, impacting users' ability to rely on the accuracy and reliability of their neural network outputs. It's essential for developers and users adopting PyTorch to understand these inconsistencies to mitigate potential issues in their applications and ensure robust cybersecurity measures are in place.

References

https://github.com/pytorch/pytorch/issues/141538

https://github.com/pytorch/pytorch/issues/141538#issuecom...

https://github.com/pytorch/pytorch/pull/144395

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 25, 2025
Vulnerability Reserved
Apr 22, 2025

JSON