CNNVD-202508-721 Information

CNNVD ID

CNNVD-202508-721

Related CVE

CVE-2025-54949

• CNNVD Published: 2025-08-07

Description (Chinese)

executorch是pytorch开源的一个PyTorch的部署工具。 executorch存在安全漏洞，该漏洞源于加载模型时存在堆缓冲区溢出，可能导致代码执行。

Description (English)

Executorch is a PyTorch deployment tool for pytorch. There is a security loophole in executorch, which stems from the spilling of stacks of buffer zones at the time of loading the model, which could lead to code implementation.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

PyTorch

Published

2025-08-07

Last Modified

2026-02-24

References

https://www.facebook.com/security/advisories/cve-2025-54949 https://github.com/pytorch/executorch/commit/ede82493dae6d2d43f8c424e7be4721abe5242be https://access.redhat.com/security/cve/cve-2025-54949