Описание
PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weights_only unpickler allows an attacker to craft a malicious checkpoint file (.pth) that, when loaded with torch.load(..., weights_only=True), can corrupt memory and potentially lead to arbitrary code execution. Version 2.10.0 fixes the issue.
A flaw was found in PyTorch, a Python package for tensor computation. A remote attacker could craft a malicious checkpoint file, which, when loaded using the weights_only unpickler, could lead to memory corruption. This vulnerability may enable an attacker to achieve arbitrary code execution on the affected system.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-codeflare-operator-rhel8 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-codeflare-operator-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-training-rocm62-torch24-py311-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-training-rocm62-torch25-py311-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-training-rocm64-torch28-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-vllm-gaudi-rhel9 | Affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9 | Not affected |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
8.8 High
CVSS3
Связанные уязвимости
PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potentially lead to arbitrary code execution. Version 2.10.0 fixes the issue.
PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potentially lead to arbitrary code execution. Version 2.10.0 fixes the issue.
PyTorch is a Python package that provides tensor computation. Prior to ...
PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files
Уязвимость параметра weights_only функции torch.load() фреймворка машинного обучения PyTorch, позволяющая нарушителю выполнить произвольный код
8.8 High
CVSS3