CNNVD-202507-1684 Information

CNNVD ID

CNNVD-202507-1684

Related CVE

CVE-2025-30402

• CNNVD Published: 2025-07-11

Description (Chinese)

executorch是pytorch开源的一个PyTorch的部署工具。 executorch存在安全漏洞，该漏洞源于加载ExecuTorch方法时存在堆缓冲区溢出，可能导致代码执行。

Description (English)

Executorch is a PyTorch deployment tool for pytorch. There is a security loophole in executorch, which stems from the spilling out of the buffer zone when the ExecuTorch method is loaded, which may lead to code implementation.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Q2A Projects

Published

2025-07-11

Last Modified

2026-02-24

References

https://github.com/pytorch/executorch/commit/93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f https://www.facebook.com/security/advisories/cve-2025-30402 https://access.redhat.com/security/cve/cve-2025-30402

Patch

https://github.com/pytorch/executorch/commit/93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f