Vulnerability in PyTorch Affects Dropout Functions
CVE-2025-46153

5.3MEDIUM

Key Information:

Vendor: PyTorch
Status: PyTorch
Vendor: CVE Published:; 25 September 2025

What is CVE-2025-46153?

A specific issue has been identified in PyTorch where the bernoulli_p decompose function defined in decompositions.py does not achieve full consistency with the eager CPU implementation. This inconsistency can adversely affect the performance and reliability of nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d when the fallback_random option is enabled, potentially leading to unintended behavior in machine learning models relying on these dropout functionalities.

References

https://github.com/pytorch/pytorch/issues/142853

https://github.com/pytorch/pytorch/pull/143460

https://gist.github.com/shaoyuyoung/e636f2e7a306105b7e968...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 25, 2025
Vulnerability Reserved
Apr 22, 2025

JSON