CVE-2025-2953: 
CBL Mariner vulnerability analysis and mitigation

A vulnerability has been identified in PyTorch version 2.6.0+cu124, specifically affecting the function torch.mkldnnmaxpool2d. The issue was discovered and disclosed on March 29, 2025, and has been assigned CVE-2025-2953. This vulnerability has been classified as problematic and can lead to denial of service conditions when exploited (VulDB, NVD).

The vulnerability affects the torch.mkldnnmaxpool2d function in PyTorch 2.6.0+cu124. The issue has been assigned a CVSS v3.1 base score of 3.3 (LOW) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L. The vulnerability has been categorized under CWE-404 (Improper Resource Shutdown or Release) (NVD).

When exploited, this vulnerability leads to denial of service conditions. The impact is primarily focused on availability, with no direct effect on confidentiality or integrity. The vulnerability requires local access to be exploited (VulDB).

Currently, there are no known official mitigations or workarounds published for this vulnerability. It may be suggested to replace the affected component with an alternative solution until a patch is available (VulDB).