
CVE-2025-71000: n/a

Severity: High
Published: Wed Jan 28 2026 (01/28/2026, 00:00:00 UTC)
Source: CVE Database V5

Description

CVE-2025-71000 is a high-severity vulnerability in the flow.cuda.BoolTensor component of OneFlow v0.9.0 that allows unauthenticated attackers to cause a Denial of Service (DoS) by sending crafted inputs. The vulnerability does not impact confidentiality or integrity but can disrupt availability by crashing or hanging the affected system. Exploitation requires no privileges or user interaction and can be performed remotely over the network. No known exploits are currently in the wild, and no patches have been published yet. European organizations using OneFlow, especially in AI and machine learning workloads leveraging GPU acceleration, are at risk of service disruption. Countries with significant AI research and deployment, such as Germany, France, and the UK, are more likely to be affected.

AI-Powered Analysis

Last updated: 02/05/2026, 08:58:20 UTC

Technical Analysis

CVE-2025-71000 is a vulnerability identified in the flow.cuda.BoolTensor component of OneFlow version 0.9.0, an open-source deep learning framework that supports GPU acceleration. The flaw allows attackers to trigger a Denial of Service (DoS) condition by submitting specially crafted inputs to the vulnerable component. Specifically, the issue relates to improper handling of input data within the BoolTensor operations on CUDA-enabled devices, leading to resource exhaustion or application crashes. The vulnerability is classified under CWE-400 (Uncontrolled Resource Consumption), indicating that the attack exploits the system's inability to properly manage resource allocation under malicious input conditions. The CVSS v3.1 base score is 7.5, reflecting high severity due to the vulnerability's network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and impact limited to availability (A:H) without affecting confidentiality or integrity. No patches or fixes have been released at the time of publication, and there are no known active exploits. The vulnerability affects OneFlow v0.9.0, but the exact range of affected versions is unspecified. Given OneFlow's role in AI model training and inference, particularly in GPU-accelerated environments, exploitation could disrupt critical AI workloads by causing application crashes or system unavailability.

Potential Impact

For European organizations, especially those engaged in AI research, development, and deployment using OneFlow, this vulnerability poses a significant risk to service availability. Disruption caused by DoS attacks can lead to downtime in AI model training pipelines, inference services, and other GPU-accelerated computations, potentially delaying projects and causing financial losses. Industries such as automotive, healthcare, finance, and manufacturing, which increasingly rely on AI and machine learning, may experience operational interruptions. Additionally, cloud service providers hosting OneFlow-based workloads could face customer impact and reputational damage. The lack of required authentication and user interaction makes the vulnerability easier to exploit remotely, increasing the threat surface. Although no confidentiality or integrity impact is reported, availability degradation can indirectly affect business continuity and compliance with service-level agreements (SLAs).

Mitigation Recommendations

European organizations should immediately audit their use of OneFlow, particularly version 0.9.0, and identify any exposed services or systems utilizing the flow.cuda.BoolTensor component. Network-level controls such as firewall rules and segmentation should be implemented to restrict access to OneFlow services to trusted internal networks or VPNs. Monitoring and alerting should be enhanced to detect abnormal application crashes, resource exhaustion, or unusual input patterns targeting OneFlow components. Organizations should engage with the OneFlow community or vendors to obtain patches or updates as soon as they become available and prioritize their deployment. In the interim, consider disabling or isolating vulnerable components if feasible, or migrating workloads to alternative frameworks not affected by this vulnerability. Implementing rate limiting and input validation at the application layer can also reduce the risk of exploitation. Finally, maintaining comprehensive backups and incident response plans will help mitigate the impact of potential DoS incidents.
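The audit step above can be scripted. The following is an added example, not code from OneFlow or from this advisory: it walks a directory tree, flags installed OneFlow distributions at version 0.9.0, and lists Python files that reference `cuda.BoolTensor`. It assumes the package is installed under the distribution name `oneflow`; the function names are illustrative.

```python
import ast
import re
from pathlib import Path

AFFECTED = "0.9.0"  # the only version the advisory names
# Assumption: the wheel is installed under the distribution name "oneflow".
DIST_RE = re.compile(r"^oneflow-(?P<ver>[^-]+)\.dist-info$", re.I)

def installed_versions(root):
    """Yield (path, version) for each oneflow *.dist-info directory under root."""
    for d in Path(root).rglob("*.dist-info"):
        m = DIST_RE.match(d.name)
        if m:
            yield str(d), m.group("ver")

def is_affected(version):
    # Ignore a local build tag such as "+cu118" (constructed sample value).
    return version.split("+", 1)[0] == AFFECTED

def _dotted(node):
    """Flatten an attribute chain like flow.cuda.BoolTensor into name parts."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
    return parts[::-1]

def booltensor_uses(source, filename="<src>"):
    """Line numbers where an attribute chain ends in cuda.BoolTensor."""
    try:
        tree = ast.parse(source, filename)
    except SyntaxError:
        return []  # unparsable file: skip rather than abort the audit
    return sorted({n.lineno for n in ast.walk(tree)
                   if isinstance(n, ast.Attribute)
                   and _dotted(n)[-2:] == ["cuda", "BoolTensor"]})

def audit(root):
    # Does not catch "from oneflow.cuda import BoolTensor"; review those by hand.
    report = {"affected_installs": [], "code_refs": {}}
    for path, ver in installed_versions(root):
        if is_affected(ver):
            report["affected_installs"].append(path)
    for py in Path(root).rglob("*.py"):
        lines = booltensor_uses(py.read_text(errors="replace"), str(py))
        if lines:
            report["code_refs"][str(py)] = lines
    return report
```

Run `audit()` against each host's virtual environments and application source roots; hosts that report both an affected install and code references are the first candidates for network restriction or isolation.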


Technical Details

Data Version: 5.2
Assigner Short Name: mitre
Date Reserved: 2026-01-09T00:00:00.000Z
Cvss Version: null
State: PUBLISHED

Threat ID: 697a50074623b1157cdfcf66

Added to database: 1/28/2026, 6:05:59 PM

Last enriched: 2/5/2026, 8:58:20 AM

Last updated: 2/5/2026, 9:09:06 PM
