Hao Fan

**Name of the Vulnerable Software and Affected Versions** NVIDIA Megatron-LM (affected versions not specified) **Description** The software contains a flaw in the tasks/orqa/unsupervised/nq.py component that could allow an attacker to inject code. Exploitation of this issue may result in code execution, privilege escalation, information disclosure, and data tampering. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NVIDIA Megatron-LM (affected versions not specified) **Description** The software contains a flaw in the msdp preprocessing script that could allow an attacker to inject malicious data. Exploitation of this issue may result in code execution, privilege escalation, information disclosure, and data tampering. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NVIDIA Megatron-LM (affected versions not specified) **Description** The software contains a flaw in the `ensemble classifer` script that could allow an attacker to inject malicious data. Successful exploitation of this issue may result in code execution, privilege escalation, information disclosure, and data tampering. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Volcengine versions 3.0.0 Description: A deserialization vulnerability exists in Volcengine's `scripts/model merger.py` script when using the "fsdp" backend. The script calls `torch.load()` with `weights only=False` on user-supplied `.pt` files, allowing attackers to execute arbitrary code if a maliciously crafted model file is loaded. An attacker can exploit this by convincing a victim to download and place a malicious model file in a local directory with a specific filename pattern. This vulnerability may lead to arbitrary code execution with the privileges of the user running the script. Recommendations: Volcengine version 3.0.0: Avoid using the "fsdp" backend with user-supplied `.pt` files. As a temporary workaround, consider restricting access to the `scripts/model merger.py` script to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: NVIDIA Megatron-LM (affected versions not specified) Description: NVIDIA Megatron-LM contains an issue in the `megatron/training/arguments.py` component that may allow an attacker to inject code by providing malicious input. A successful exploit could lead to code execution, privilege escalation, information disclosure, and data tampering. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: NVIDIA Megatron-LM (affected versions not specified) Description: NVIDIA Megatron-LM contains an issue in the tools component that may allow an attacker to exploit a code injection. A successful exploit could lead to code execution, escalation of privileges, information disclosure, and data tampering. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** modelscope/ms-swift versions through 2.6.1 **Description** The modelscope/ms-swift library is susceptible to arbitrary code execution through the deserialization of untrusted data. This occurs within the `load model meta()` function of the `ModelFileSystemCache()` class, utilizing `pickle.load()` on data originating from potentially untrusted sources. Attackers can exploit this by crafting a malicious serialized `.mdl` payload, leading to remote code execution (RCE). The malicious payload is a hidden file, making detection difficult. The normal training process remains unaffected after the execution of arbitrary code. **Recommendations** versions prior to 2.7

Name of the Vulnerable Software and Affected Versions: NVIDIA Megatron-LM (affected versions not specified) Description: The issue concerns a code injection vulnerability in a python component of NVIDIA Megatron-LM. An attacker can exploit this by providing a malicious file, potentially leading to code execution, escalation of privileges, information disclosure, and data tampering. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: NVIDIA Megatron-LM (affected versions not specified) Description: The issue concerns a code injection vulnerability in a python component of NVIDIA Megatron-LM. An attacker can exploit this by providing a malicious file, potentially leading to code execution, escalation of privileges, information disclosure, and data tampering. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.