Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2025-71000

CVE-2025-71000: OneFlow flow.cuda.BoolTensor DoS Flaw

CVE-2025-71000 is a denial of service vulnerability in the flow.cuda.BoolTensor component of OneFlow v0.9.0 that allows attackers to crash the system with malicious input. This article covers technical details, impact, and fixes.

Published:

CVE-2025-71000 Overview

A Denial of Service (DoS) vulnerability has been identified in the flow.cuda.BoolTensor component of OneFlow v0.9.0, an open-source deep learning framework. This vulnerability allows remote attackers to cause a denial of service condition by supplying a specially crafted input to the affected component, potentially disrupting machine learning workflows and services that rely on OneFlow for GPU-accelerated tensor operations.

Critical Impact

Attackers can exploit this vulnerability to disrupt OneFlow-based machine learning services and applications through crafted input, causing resource exhaustion and service unavailability.

Affected Products

  • OneFlow v0.9.0
  • Applications utilizing flow.cuda.BoolTensor component
  • Services running OneFlow with CUDA GPU acceleration

Discovery Timeline

  • 2026-01-28 - CVE-2025-71000 published to NVD
  • 2026-01-29 - Last updated in NVD database

Technical Details for CVE-2025-71000

Vulnerability Analysis

This vulnerability is classified as CWE-400 (Uncontrolled Resource Consumption), indicating that the flow.cuda.BoolTensor component fails to properly validate or limit resource consumption when processing certain inputs. The vulnerability exists in OneFlow's CUDA tensor handling code, specifically affecting boolean tensor operations on GPU devices.

When a malicious actor supplies a crafted input to the vulnerable component, it can trigger excessive resource consumption on the system. This could manifest as GPU memory exhaustion, CPU resource starvation, or an infinite processing loop that renders the affected service unresponsive. The network-accessible nature of this vulnerability means that any application exposing OneFlow tensor operations to external input is potentially at risk.

Root Cause

The root cause of this vulnerability lies in improper input validation within the flow.cuda.BoolTensor component. The code path responsible for processing boolean tensor data on CUDA devices does not adequately constrain resource usage based on input parameters. This allows specially crafted inputs to consume disproportionate system resources, leading to a denial of service condition.

The vulnerability is associated with CWE-400 (Uncontrolled Resource Consumption), which occurs when software does not properly restrict the amount of resources consumed by an actor, allowing resource exhaustion attacks.

Attack Vector

The attack can be executed remotely over the network without requiring authentication or user interaction. An attacker needs only the ability to send crafted data to an application that processes it using the vulnerable flow.cuda.BoolTensor component.

The exploitation scenario involves:

  1. Identifying a target application using OneFlow v0.9.0 with CUDA support
  2. Crafting malicious input designed to trigger the resource exhaustion condition
  3. Submitting the crafted input to the target application's tensor processing endpoint
  4. The vulnerable component consumes excessive resources, causing service degradation or complete denial of service

Technical details regarding the specific crafted input structure can be found in GitHub Issue #10659 on the OneFlow repository.

Detection Methods for CVE-2025-71000

Indicators of Compromise

  • Unusual GPU memory consumption patterns in systems running OneFlow applications
  • Sudden spikes in CPU usage associated with OneFlow tensor operations
  • Application crashes or hangs when processing external tensor input
  • System logs showing memory allocation failures in CUDA contexts

Detection Strategies

  • Monitor GPU memory utilization for abnormal patterns or rapid exhaustion
  • Implement logging around flow.cuda.BoolTensor operations to identify suspicious input patterns
  • Deploy application-level anomaly detection for tensor processing request patterns
  • Review system logs for repeated crashes or restarts of OneFlow-based services

Monitoring Recommendations

  • Enable detailed logging for OneFlow tensor operations in production environments
  • Set up alerts for GPU memory usage exceeding normal operational thresholds
  • Implement request rate limiting on endpoints that accept external tensor data
  • Monitor for repeated service restarts or process terminations related to OneFlow applications

How to Mitigate CVE-2025-71000

Immediate Actions Required

  • Identify all systems running OneFlow v0.9.0 with CUDA tensor operations
  • Review application exposure to determine if untrusted input can reach flow.cuda.BoolTensor components
  • Implement input validation and sanitization at the application layer before processing tensor data
  • Consider temporarily disabling external access to tensor processing endpoints if not critical

Patch Information

At the time of publication, users should monitor the OneFlow GitHub repository for security updates and patches addressing this vulnerability. Check the OneFlow official website for security advisories and updated releases.

Organizations are advised to subscribe to OneFlow security notifications and apply patches as soon as they become available.

Workarounds

  • Implement strict input validation and size limits on all data passed to flow.cuda.BoolTensor operations
  • Deploy network-level controls to restrict access to OneFlow-based services from untrusted sources
  • Configure resource limits (memory, CPU) for OneFlow processes to contain potential resource exhaustion
  • Consider running OneFlow applications in isolated environments with resource quotas to limit blast radius

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.