Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-53q9-r3pm-6pq6: PyTorch: `torch.load` with `weights_only=True` leads to remote code execution

Description

I found a Remote Command Execution (RCE) vulnerability in the PyTorch. When load model using torch.load with weights_only=True, it can still achieve RCE.

Background knowledge

https://github.com/pytorch/pytorch/security As you can see, the PyTorch official documentation considers using torch.load() with weights_only=True to be safe. image Since everyone knows that weights_only=False is unsafe, so they will use the weights_only=True to mitigate the security issue. But now, I just proved that even if you use weights_only=True, it still can achieve RCE. So it is time to update your PyTorch version~.

Credit

This vulnerability was found by Ji’an Zhou.

ghsa
Open in Source
#vulnerability#git#rce

Description

I found a Remote Command Execution (RCE) vulnerability in the PyTorch. When load model using torch.load with weights_only=True, it can still achieve RCE.

Background knowledge

https://github.com/pytorch/pytorch/security
As you can see, the PyTorch official documentation considers using torch.load() with weights_only=True to be safe.

Since everyone knows that weights_only=False is unsafe, so they will use the weights_only=True to mitigate the security issue.
But now, I just proved that even if you use weights_only=True, it still can achieve RCE.
So it is time to update your PyTorch version~.

Credit

This vulnerability was found by Ji’an Zhou.

References

  • GHSA-53q9-r3pm-6pq6
  • pytorch/pytorch@8d4b8a9

ghsa: Latest News

GHSA-r683-v43c-6xqv: samlify SAML Signature Wrapping attack
ghsa