An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b.
During ExecuTorch model loading, an integer overflow occurs, resulting in a smaller memory area being allocated than expected. The undersized buffer can subsequently be overwritten with data from outside the reserved region, which opens the possibility of arbitrary code execution or triggering other undesirable effects.
An attacker can trigger arbitrary code execution (RCE) in the context of an application processing an ExecuTorch model or cause other unpredictable effects resulting from memory corruption.
ExecuTorch should be updated to a version containing commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b or newer. The patch is available in the pytorch/executorch GitHub repository under the specified commit hash.
ExecuTorch library in all versions prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b in the pytorch/executorch repository.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H