CVE-2025-63396

LOW

PyTorch <2.7.1 - DoS

Title source: llm

Description

An issue was discovered in PyTorch v2.5 and v2.7.1. Omission of profiler.stop() can cause torch.profiler.profile (PythonTracer) to crash or hang during finalization, leading to a Denial of Service (DoS).

References (4)

[Product] http://pytorch.com

[Not Applicable] https://github.com/Daisy2ang

[Product] https://github.com/pytorch/pytorch

[Exploit, Issue Tracking] https://github.com/pytorch/pytorch/issues/156563

Scores

CVSS v3 3.3

EPSS 0.0003

EPSS Percentile 8.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-667

Status published

Products (2)

linuxfoundation/pytorch 2.5.0

linuxfoundation/pytorch 2.7.1

Published Nov 12, 2025

Tracked Since Feb 18, 2026