CVE-2024-31583: Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpre
highvulnerability
security
Summary
PyTorch versions before v2.2.0 contain a use-after-free vulnerability (a memory bug where code tries to access data that has already been freed) in the mobile interpreter component. This vulnerability was identified in the torch/csrc/jit/mobile/interpreter.cpp file.
Solution / Mitigation
Update PyTorch to version v2.2.0 or later. A patch is available at https://github.com/pytorch/pytorch/commit/9c7071b0e324f9fb68ab881283d6b8d388a4bcd2.
Vulnerability Details
CVSS Score
7.8(high)
EPSS (30-day exploit probability)
EPSS: 0.0%
Classification
Attack SophisticationModerate
Impact (CIA+S)
availabilityintegrity
AI Component TargetedFramework
Affected Vendors
Meta
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-31583
First tracked: February 15, 2026 at 08:37 PM
Classified by LLM (prompt v3) · confidence: 92%