← back
CVE-2025-3144

MindSpore mindspore.numpy.fft.hfftn memory corruption

CVSS 4.8 MEDIUMEPSS 0.2%CWE-119
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.8EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
03 Apr 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability classified as problematic was found in MindSpore 2.5.0. Affected by this vulnerability is the function mindspore.numpy.fft.hfftn. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Affected products
n/a · MindSpore