CVE-2025-1403

Name of the Vulnerable Software and Affected Versions Qiskit SDK versions 0.45.0 through 1.2.4

Description A maliciously crafted QPY file containing a malformed symengine serialization stream can cause a segfault within the symengine library, allowing an attacker to terminate the hosting process deserializing the QPY payload. This issue can be exploited by remote attackers, potentially causing a denial of service.

Recommendations For Qiskit SDK versions 0.45.0 through 1.2.4, update to version 1.3.0 or later, which addresses this issue when using QPY format version 13. Additionally, consider patching the locally installed version of symengine in the deserializing environment to prevent the specific segfault. As a temporary workaround, consider restricting the use of QPY formats 10, 11, and 12, especially when the use symengine flag is set, to minimize the risk of exploitation. Use the provided Python function check qpy payload to detect potentially vulnerable QPY payloads.