Description
PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potentially lead to arbitrary code execution. Version 2.10.0 fixes the issue.
Packages
| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| pytorch | unfixed | | | package |
| pytorch | no-dsa | | trixie | package |
| pytorch | no-dsa | | bookworm | package |
| pytorch | postponed | | bullseye | package |
Notes
https://github.com/pytorch/pytorch/security/advisories/GHSA-63cw-57p8-fm3p
https://github.com/pytorch/pytorch/issues/163105
Fixed by: https://github.com/pytorch/pytorch/commit/167ad09be5af5c52666759412a3804068c6955d1
Related vulnerabilities
PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files
Vulnerability in the weights_only parameter of the torch.load() function of the PyTorch machine learning framework, allowing an attacker to execute arbitrary code