CVE-2025-62164

EPSS 0.83%
Veröffentlicht 21.11.2025 01:18:38
Zuletzt bearbeitet 04.12.2025 17:14:20
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

VLLM deserialization vulnerability leading to DoS and potential RCE

vLLM is an inference and serving engine for large language models (LLMs). From versions 0.10.2 to before 0.11.1, a memory corruption vulnerability could lead to a crash (denial-of-service) and potentially remote code execution (RCE), exists in the Completions API endpoint. When processing user-supplied prompt embeddings, the endpoint loads serialized tensors using torch.load() without sufficient validation. Due to a change introduced in PyTorch 2.8.0, sparse tensor integrity checks are disabled by default. As a result, maliciously crafted tensors can bypass internal bounds checks and trigger an out-of-bounds memory write during the call to to_dense(). This memory corruption can crash vLLM and potentially lead to code execution on the server hosting vLLM. This issue has been patched in version 0.11.1.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 4 Referenzen 6

NVD 3 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Vllm ≫ Vllm Version >= 0.10.2 < 0.11.1

Vllm ≫ Vllm Version0.11.1 Updaterc0

Vllm ≫ Vllm Version0.11.1 Updaterc1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.83%	0.528

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-123 Write-what-where Condition

Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow.

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-502 Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf

Vendor Advisory

Issue Tracking

https://github.com/vllm-project/vllm/pull/27204

Patch

Vendor Advisory

Issue Tracking

https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b

Patch

https://nvd.nist.gov/vuln/detail/CVE-2025-62164

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-62164

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-62164

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-62164