← Voltar para CVEs
CVE-2025-54952
CRITICAL9.8
Descricao
An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b.
Detalhes CVE
Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado8/8/2025
Ultima modificacao8/8/2025
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-680
Referencias
https://github.com/pytorch/executorch/commit/8f062d3f661e20bb19b24b767b9a9a46e8359f2b(cve-assign@fb.com)
https://www.facebook.com/security/advisories/cve-2025-54952(cve-assign@fb.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.