4 matches found
CVE-2024-7804
A flaw was found in PyTorch. This vulnerability allows an attacker to execute arbitrary code remotely via a maliciously crafted serialized PythonUDF object. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security...
GHSA-4VMG-RW8F-92F9 Withdrawn Advisory: PyTorch deserialization vulnerability
Withdrawn Advisory This advisory has been withdrawn because it describes known functionality of PyTorch. This link is maintained to preserve external references. Original Description A deserialization vulnerability exists in the Pytorch RPC framework torch.distributed.rpc in pytorch/pytorch...
CVE-2024-7804
...
UBUNTU-CVE-2024-5480
A vulnerability in the PyTorch's torch.distributed.rpc framework, specifically in versions prior to 2.2.2, allows for remote code execution RCE. The framework, which is used in distributed training scenarios, does not properly verify the functions being called during RPC Remote Procedure Call...