Fluid Attacks Database

Description

PyTorch is vulnerable to memory corruption through its unpack_sequence function A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

A patch is available through commit 4945180.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	pytorch	=2.12.0+dfsg2-1 \|\| =2.12.0+dfsg2-1~exp1 \|\| =2.12.0+dfsg2-1~exp2 \|\| =2.12.0+dfsg2-2 \|\| =2.12.0+dfsg2-3 \|\| =2.12.0+dfsg2-4 \|\| =2.6.0+dfsg-7 \|\| =2.6.0+dfsg-8 \|\| =2.6.0+dfsg-9 \|\| =2.9.0+dfsg-1~exp1 \|\| =2.9.0+dfsg-1~exp2 \|\| =2.9.1+dfsg-1~exp1 \|\| =2.9.1+dfsg-1~exp2	-
debian 14	pytorch	=2.12.0+dfsg2-1~exp1 \|\| =2.12.0+dfsg2-1~exp2 \|\| =2.6.0+dfsg-7 \|\| =2.6.0+dfsg-8 \|\| =2.6.0+dfsg-9 \|\| =2.9.0+dfsg-1~exp1 \|\| =2.9.0+dfsg-1~exp2 \|\| =2.9.1+dfsg-1~exp1 \|\| =2.9.1+dfsg-1~exp2 \|\| >=0 <2.12.0+dfsg2-1	2.12.0+dfsg2-1
debian 11	pytorch	=1.12.0-1 \|\| =1.12.0~rc1-1 \|\| =1.12.1-1 \|\| =1.13.1+dfsg-1 \|\| =1.13.1+dfsg-2 \|\| =1.13.1+dfsg-3 \|\| =1.13.1+dfsg-4 \|\| =1.13.1+dfsg-5 \|\| =1.7.1-7 \|\| =1.7.1-7+deb11u1 \|\| =1.8.1-1 \|\| =1.8.1-2 \|\| =1.8.1-3 \|\| =1.8.1-4 \|\| =1.8.1-5 \|\| =2.0.1+dfsg-1 \|\| =2.0.1+dfsg-1~exp1 \|\| =2.0.1+dfsg-2 \|\| =2.0.1+dfsg-4 \|\| =2.0.1+dfsg-5 \|\| =2.1.2+dfsg-1 \|\| =2.1.2+dfsg-2 \|\| =2.1.2+dfsg-4 \|\| =2.12.0+dfsg2-1 \|\| =2.12.0+dfsg2-1~exp1 \|\| =2.12.0+dfsg2-1~exp2 \|\| =2.12.0+dfsg2-2 \|\| =2.12.0+dfsg2-3 \|\| =2.12.0+dfsg2-4 \|\| =2.4.1-1 \|\| =2.4.1-3 \|\| =2.4.1-4 \|\| =2.5.0+dfsg-1 \|\| =2.5.1+dfsg-1 \|\| =2.5.1+dfsg-3 \|\| =2.5.1+dfsg-4 \|\| =2.6.0+dfsg-1 \|\| =2.6.0+dfsg-1~exp1 \|\| =2.6.0+dfsg-2 \|\| =2.6.0+dfsg-3 \|\| =2.6.0+dfsg-4 \|\| =2.6.0+dfsg-5 \|\| =2.6.0+dfsg-7 \|\| =2.6.0+dfsg-8 \|\| =2.6.0+dfsg-9 \|\| =2.6.0~rc9+dfsg-1~exp1 \|\| =2.9.0+dfsg-1~exp1 \|\| =2.9.0+dfsg-1~exp2 \|\| =2.9.1+dfsg-1~exp1 \|\| =2.9.1+dfsg-1~exp2	-
debian 12	pytorch	=1.13.1+dfsg-4 \|\| =1.13.1+dfsg-5 \|\| =2.0.1+dfsg-1 \|\| =2.0.1+dfsg-1~exp1 \|\| =2.0.1+dfsg-2 \|\| =2.0.1+dfsg-4 \|\| =2.0.1+dfsg-5 \|\| =2.1.2+dfsg-1 \|\| =2.1.2+dfsg-2 \|\| =2.1.2+dfsg-4 \|\| =2.12.0+dfsg2-1 \|\| =2.12.0+dfsg2-1~exp1 \|\| =2.12.0+dfsg2-1~exp2 \|\| =2.12.0+dfsg2-2 \|\| =2.12.0+dfsg2-3 \|\| =2.12.0+dfsg2-4 \|\| =2.4.1-1 \|\| =2.4.1-3 \|\| =2.4.1-4 \|\| =2.5.0+dfsg-1 \|\| =2.5.1+dfsg-1 \|\| =2.5.1+dfsg-3 \|\| =2.5.1+dfsg-4 \|\| =2.6.0+dfsg-1 \|\| =2.6.0+dfsg-1~exp1 \|\| =2.6.0+dfsg-2 \|\| =2.6.0+dfsg-3 \|\| =2.6.0+dfsg-4 \|\| =2.6.0+dfsg-5 \|\| =2.6.0+dfsg-7 \|\| =2.6.0+dfsg-8 \|\| =2.6.0+dfsg-9 \|\| =2.6.0~rc9+dfsg-1~exp1 \|\| =2.9.0+dfsg-1~exp1 \|\| =2.9.0+dfsg-1~exp2 \|\| =2.9.1+dfsg-1~exp1 \|\| =2.9.1+dfsg-1~exp2	-
pypi	torch	>=0 <2.9.1	2.9.1

Aliases

1. CVE-2025-29992. NVD-2025-29993. OSV-DEBIAN-2025-29994. OSV-2025-29995. GCVE-2025-29996. SECURITY-TRACKER-CVE-2025-2999

References

1. https://github.com/pytorch/pytorch/issues/1496222. https://github.com/pytorch/pytorch/issues/149622#issue-29354952653. https://github.com/pytorch/pytorch/commit/494518046816d29099b7d056a74ffa5c244fdcdd4. https://github.com/pypa/advisory-database/tree/main/vulns/torch/PYSEC-2025-193.yaml

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.