Описание
ExecuTorch integer overflow vulnerability leads to code execution
An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b.
Пакеты
Наименование
executorch
pip
Затронутые версииВерсия исправления
<= 0.6.0
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
6 месяцев назад
An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b.