CVE-2025-4287 – PyTorch CUDA NCCL Denial of Service Vulnerability

May 5, 2025

CVE ID : CVE-2025-4287

Published : May 5, 2025, 8:15 p.m. | 3 hours, 19 minutes ago

Description : A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function torch.cuda.nccl.reduce of the file torch/cuda/nccl.py. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The patch is identified as 5827d2061dcb4acd05ac5f8e65d8693a481ba0f5. It is recommended to apply a patch to fix this issue.

Severity: 3.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-0915 – IBM Db2 Memory Allocation DoS Vulnerability

Next Article CVE-2025-4286 – “Intelbras InControl Credential Storage Vulnerability”

Turning User Research Into Real Organizational Change

June 2025: All AI updates from the past month

Building a culture that will drive platform engineering success

Gartner: More than 40% of agentic AI projects will be canceled in the next few years

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

This gimbal-tracking webcam has TWO cameras and a great price — but it may not be “private” enough

I spent two months using the massive Area-51 gaming rig — both a powerful beast PC and an RGB beauty queen

“Using AI is no longer optional” — Did Microsoft just make Copilot mandatory for its staff as a critical performance metric?

June report 2025

June report 2025

Make your JS functions smarter and cleaner with default parameters

Best Home Interiors in Hyderabad – Top Designers & Affordable Packages

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

This gimbal-tracking webcam has TWO cameras and a great price — but it may not be “private” enough

I spent two months using the massive Area-51 gaming rig — both a powerful beast PC and an RGB beauty queen

CVE-2025-4287 – PyTorch CUDA NCCL Denial of Service Vulnerability

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

CVE-2025-6554 Actively Exploited Google Chrome Zeroday

CVE-2024-54172 – IBM Sterling B2B Integrator and IBM Sterling File Gateway Cross-Site Request Forgery

CVE-2025-36041 – IBM MQ Operator Private Key Configuration Vulnerability

Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android

Apple researchers claim OpenAI’s o3 model is an “illusion of thinking”, inconsistent with a human’s thought process

How our principles helped define AlphaFold’s release

CVE-2025-4260 – Zhangyanbo2007 Youkefu Deserialization Vulnerability

CVE-2025-4205 – WordPress Popup Maker Stored Cross-Site Scripting Vulnerability

CVE-2025-5864 – Tenda TDSEE App Authentication Bypass

CVE-2025-4287 – PyTorch CUDA NCCL Denial of Service Vulnerability

Related Posts