CVE-2025-54952

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ExecuTorch versions prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b

Description An integer overflow in the loading of ExecuTorch models can lead to the allocation of smaller-than-expected memory regions. This can potentially result in code execution or other undesirable effects.

Recommendations Update ExecuTorch to a version after commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-680

Related Identifiers

CVE-2025-54952

GHSA-33R8-VRX9-RMCV

Affected Products

Executorch

CVE-2025-54952

Weakness Enumeration

Related Identifiers

Affected Products

References · 12