CVE-2025-71002 Overview
A floating-point exception (FPE) vulnerability exists in the flow.column_stack component of OneFlow v0.9.0. This flaw allows remote attackers to trigger a Denial of Service (DoS) condition by supplying crafted input to the vulnerable function. The vulnerability is classified under CWE-369 (Divide By Zero), indicating that improper handling of division operations can lead to application crashes.
Critical Impact
Remote attackers can crash OneFlow applications by exploiting the floating-point exception in the flow.column_stack component, causing service disruption for machine learning workloads.
Affected Products
- OneFlow v0.9.0
- Applications utilizing the flow.column_stack function
- Machine learning pipelines dependent on OneFlow tensor operations
Discovery Timeline
- 2026-01-28 - CVE CVE-2025-71002 published to NVD
- 2026-01-29 - Last updated in NVD database
Technical Details for CVE-2025-71002
Vulnerability Analysis
This vulnerability affects OneFlow, an open-source deep learning framework designed for high-performance machine learning applications. The flaw resides in the flow.column_stack function, which is used to stack 1-D tensors as columns into a 2-D tensor. When processing specially crafted input, the function fails to properly validate numerical parameters, leading to a division by zero condition that triggers a floating-point exception.
The vulnerability requires user interaction, meaning an attacker must convince a victim to process malicious input data or load a crafted model file. The attack can be executed remotely over the network, making it accessible to attackers who can influence input data fed to OneFlow-based applications.
Root Cause
The root cause of this vulnerability is improper input validation in the flow.column_stack component (CWE-369: Divide By Zero). The function does not adequately check for edge cases where certain tensor dimensions or input parameters could result in division operations with a zero divisor. When these edge cases occur, the CPU raises a floating-point exception signal (SIGFPE), causing the application to terminate abnormally.
Attack Vector
The attack is network-accessible and requires low complexity to exploit, though it does require user interaction. An attacker can craft malicious tensor input or model files that, when processed by the flow.column_stack function, trigger the floating-point exception. This attack primarily impacts availability, as it causes the OneFlow application to crash without affecting confidentiality or integrity.
The vulnerability manifests when the flow.column_stack function processes input tensors with specific dimensions or values that lead to a division-by-zero condition. Technical details and a proof-of-concept can be found in the related GitHub issue.
Detection Methods for CVE-2025-71002
Indicators of Compromise
- Application crashes with SIGFPE (floating-point exception) signals in logs
- Unexpected termination of OneFlow-based processes during tensor operations
- Core dump files indicating crashes in flow.column_stack or related tensor stacking functions
- Repeated crash events when processing specific input files or data streams
Detection Strategies
- Monitor application logs for floating-point exception errors or SIGFPE signals
- Implement input validation to detect anomalous tensor dimensions before processing
- Use application monitoring tools to alert on unexpected process terminations
- Deploy SentinelOne Singularity to detect and alert on application crash patterns indicative of DoS attacks
Monitoring Recommendations
- Enable comprehensive logging for OneFlow applications to capture tensor operation failures
- Set up crash reporting and alerting for production machine learning pipelines
- Monitor system signals and exception handlers for FPE-related events
- Implement anomaly detection for input data that deviates from expected tensor formats
How to Mitigate CVE-2025-71002
Immediate Actions Required
- Upgrade OneFlow to a patched version when available from the vendor
- Implement input validation to sanitize tensor dimensions and values before calling flow.column_stack
- Add exception handling around tensor stacking operations to gracefully handle malformed input
- Isolate OneFlow workloads in containerized environments to limit the impact of crashes
Patch Information
A fix for this vulnerability has been reported in the OneFlow GitHub issue tracker. Users should monitor the OneFlow project for official patch releases and upgrade to the latest version once available. Contact the OneFlow maintainers or check the project's release notes for specific version information containing the security fix.
Workarounds
- Implement try-catch exception handling around flow.column_stack calls to prevent application crashes
- Add pre-processing validation to reject tensors with zero-dimension or invalid size parameters
- Deploy application-level rate limiting to reduce the impact of repeated crash attempts
- Use process supervision tools (e.g., systemd, supervisord) to automatically restart crashed services
# Example: Add process supervision for OneFlow applications
# Create a systemd service file for automatic restart on failure
# /etc/systemd/system/oneflow-app.service
[Unit]
Description=OneFlow Application Service
After=network.target
[Service]
Type=simple
ExecStart=/usr/bin/python3 /opt/oneflow/app.py
Restart=on-failure
RestartSec=5
User=oneflow
[Install]
WantedBy=multi-user.target
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
