PT-2025-12261 · Vllm · Vllm

Published 2025-03-20 · Updated 2025-03-21 · CVE-2024-9052

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: vllm-project vllm version 0.6.0

Description: The issue is a remote code execution vulnerability in the distributed training API. Specifically, the vllm.distributed.GroupCoordinator.recv_object() function deserializes received object bytes with pickle.loads() without any sanitization, so a peer that can send bytes to this endpoint controls what gets unpickled. This lack of sanitization is the root of the vulnerability.

Recommendations: For vllm-project vllm version 0.6.0, consider disabling the vllm.distributed.GroupCoordinator.recv_object() function until a patch is available, to prevent potential remote code execution. Restrict network access to the distributed training API to minimize the risk of exploitation. Avoid using pickle.loads() to deserialize received object bytes without proper sanitization until the issue is resolved.
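The recommendation above says not to hand received bytes straight to pickle.loads(). The example below is added here and is not vLLM's code; the receive function recv_object_safe() and the allow-list are assumptions for illustration. It wraps pickle.Unpickler so that only explicitly allow-listed globals can be resolved, which means a payload cannot name an arbitrary class or callable during unpickling, while plain tensors-of-metadata style data (dicts, lists, ints, strings, sets) still round-trips.

```python
import io
import pickle
import datetime

# Allow-list of (module, name) pairs the unpickler may resolve.
# Assumed for this example; a real deployment lists only the types
# it actually needs to exchange between workers.
SAFE_GLOBALS = {
    ("builtins", "set"),
    ("builtins", "frozenset"),
    ("collections", "OrderedDict"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global not on the allow-list.

    pickle resolves classes and functions through find_class(); by
    overriding it, a payload can no longer reference arbitrary
    importable objects, which is how unrestricted pickle.loads() turns
    into code execution.
    """

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def recv_object_safe(payload: bytes):
    """Hypothetical replacement for a recv_object()-style helper.

    Takes the raw bytes that arrived from a peer and deserializes them
    with the restricted unpickler instead of pickle.loads().
    """
    return RestrictedUnpickler(io.BytesIO(payload)).load()


def try_recv(payload: bytes):
    """Return (accepted, value_or_reason) so callers can log rejections."""
    try:
        return True, recv_object_safe(payload)
    except pickle.UnpicklingError as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample payloads standing in for bytes received over the wire.
    plain = pickle.dumps({"step": 3, "ranks": [0, 1, 2], "tags": {"a", "b"}})
    needs_global = pickle.dumps(datetime.date(2025, 3, 20))  # references datetime.date

    print(try_recv(plain))         # accepted: built-in containers need no find_class()
    print(try_recv(needs_global))  # rejected: datetime.date is not on the allow-list
```

A restricted unpickler narrows the attack surface but still parses the pickle opcode stream from an untrusted peer; the stronger fix remains the one the recommendation gives, which is to stop unpickling network bytes at all and move such control messages to a data-only format with a schema.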

Fix

Deserialization of Untrusted Data


Weakness Enumeration

Related Identifiers

CVE-2024-9052
GHSA-PGR7-MHP5-FGJP

Affected Products

Vllm