BIT-pytorch-2024-31580
Heap Buffer Overflow vulnerability in torch (PyPI)

Heap Buffer Overflow | No known exploit

What is BIT-pytorch-2024-31580 About?

This vulnerability is a Heap Buffer Overflow in PyTorch's `/runtime/vararg_functions.cpp` component, affecting versions prior to v2.2.0. Successful exploitation allows attackers to cause a Denial of Service (DoS) by providing a crafted input, leading to system unavailability. It is moderately easy to exploit given the right input.

Affected Software

  • torch
    • <2.2.0
    • <b5c3a17c2c207ebefcb85043f0cf94be9b2fef81

Technical Details

The heap buffer overflow occurs in the `/runtime/vararg_functions.cpp` component of PyTorch. This suggests an issue in how the vararg functions (functions accepting a variable number of arguments) handle heap memory allocation or indexing when processing certain inputs. A crafted input, likely involving an unusual number or type of arguments that bypasses input validation, can cause the component to write data beyond the allocated heap buffer. The corrupted memory can lead to program crashes, typically a segmentation fault or a similar memory access violation, resulting in a Denial of Service. The attack vector is an input that triggers this out-of-bounds write.

What is the Impact of BIT-pytorch-2024-31580?

Successful exploitation may allow attackers to cause the PyTorch application to crash, leading to a Denial of Service and making the affected system or service unavailable.

What is the Exploitability of BIT-pytorch-2024-31580?

Exploitation of this vulnerability requires sending a specially crafted input to the PyTorch application. The complexity is moderate, as it requires understanding the internal workings of vararg_functions.cpp and how to manipulate inputs to trigger the buffer overflow. No explicit authentication or specific privileges are mentioned, suggesting it might be exploitable through a user-provided input interface, potentially remotely if the PyTorch instance is exposed. Risk factors include applications that accept and process untrusted input directly within their PyTorch components.

What are the Known Public Exploits?

No known exploits

What are the Available Fixes for BIT-pytorch-2024-31580?

Available Upgrade Options

  • torch
    • <b5c3a17c2c207ebefcb85043f0cf94be9b2fef81 → Upgrade to b5c3a17c2c207ebefcb85043f0cf94be9b2fef81
    • <2.2.0 → Upgrade to 2.2.0
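
One way to check pinned dependencies against the fixed release listed above, as an added example (not code from this advisory or from PyTorch). The sample requirements lines are constructed, the function names are hypothetical, and treating 2.2.0 pre-releases as affected follows PEP 440 ordering and is an assumption; the commit-based bound cannot be checked from a version string.

```python
import re

FIXED = (2, 2, 0)  # first fixed torch release according to the advisory

# Exact pins only, e.g. "torch==2.1.0+cu118" or "torch[opt] == 2.2.0rc1 ; marker"
PIN = re.compile(r"^\s*torch(?:\[[^\]]*\])?\s*===?\s*([^\s;#]+)", re.IGNORECASE)
VER = re.compile(r"^v?(\d+(?:\.\d+)*)((?:a|b|rc|\.?dev)\d*)?", re.IGNORECASE)


def parse_version(text):
    """Return (release_tuple, is_prerelease); the local part (+cu118) is ignored."""
    public = text.split("+", 1)[0]
    m = VER.match(public)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    release = tuple(int(p) for p in m.group(1).split("."))
    release += (0,) * (3 - len(release))  # "2.2" compares equal to "2.2.0"
    return release, m.group(2) is not None


def is_affected(version_text):
    release, pre = parse_version(version_text)
    # Assumption: a pre-release of 2.2.0 sorts before 2.2.0, so it counts as affected
    return release < FIXED or (release == FIXED and pre)


def audit(requirements_text):
    """Return [(line_no, version)] for torch pins that fall in the affected range."""
    findings = []
    for no, line in enumerate(requirements_text.splitlines(), 1):
        m = PIN.match(line)
        if m and is_affected(m.group(1)):
            findings.append((no, m.group(1)))
    return findings


# Constructed sample lines, not a real project's requirements file
SAMPLE = """\
numpy==1.26.4
torch==2.1.2+cu118
torchvision==0.16.2
torch==2.2.0rc1  # release candidate
torch==2.2.0
"""

if __name__ == "__main__":
    for no, version in audit(SAMPLE):
        print(f"line {no}: torch {version} is below 2.2.0, upgrade required")
```

Range specifiers such as `torch>=2.0` are not evaluated here; resolve them to the installed version first and pass that to `is_affected`.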

What are Similar Vulnerabilities to BIT-pytorch-2024-31580?

Similar Vulnerabilities: CVE-2023-28447, CVE-2022-42969, CVE-2021-39293, CVE-2020-15949, CVE-2019-14816