一、 漏洞 CVE-2025-47277 基础信息
漏洞信息
                                        # vLLM 通过 PyNcclPipe 通信服务允许远程代码执行

N/A
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
vLLM Allows Remote Code Execution via PyNcclPipe Communication Service
来源:美国国家漏洞数据库 NVD
漏洞描述信息
vLLM, an inference and serving engine for large language models (LLMs), has an issue in versions 0.6.5 through 0.8.4 that ONLY impacts environments using the `PyNcclPipe` KV cache transfer integration with the V0 engine. No other configurations are affected. vLLM supports the use of the `PyNcclPipe` class to establish a peer-to-peer communication domain for data transmission between distributed nodes. The GPU-side KV-Cache transmission is implemented through the `PyNcclCommunicator` class, while CPU-side control message passing is handled via the `send_obj` and `recv_obj` methods on the CPU side.​ The intention was that this interface should only be exposed to a private network using the IP address specified by the `--kv-ip` CLI parameter. The vLLM documentation covers how this must be limited to a secured network. The default and intentional behavior from PyTorch is that the `TCPStore` interface listens on ALL interfaces, regardless of what IP address is provided. The IP address given was only used as a client-side address to use. vLLM was fixed to use a workaround to force the `TCPStore` instance to bind its socket to a specified private interface. As of version 0.8.5, vLLM limits the `TCPStore` socket to the private interface as configured.
来源:美国国家漏洞数据库 NVD
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
来源:美国国家漏洞数据库 NVD
漏洞类别
可信数据的反序列化
来源:美国国家漏洞数据库 NVD
漏洞标题
vLLM 代码问题漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
vLLM是vLLM开源的一个适用于 LLM 的高吞吐量和内存高效推理和服务引擎。 vLLM 0.6.5至0.8.4版本存在代码问题漏洞,该漏洞源于PyNcclPipe KV缓存传输未正确限制TCPStore接口访问范围。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
代码问题
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2025-47277 的公开POC
# POC 描述 源链接 神龙链接
三、漏洞 CVE-2025-47277 的情报信息

  • 标题: Use custom address for listening socket by jglaser · Pull Request #15988 · vllm-project/vllm · GitHub -- 🔗来源链接

    标签: x_refsource_MISC

    神龙速读
    Use custom address for listening socket by jglaser · Pull Request #15988 · vllm-project/vllm · GitHub

  • 标题: Security Guide — vLLM -- 🔗来源链接

    标签: x_refsource_MISC

    神龙速读
    Security Guide — vLLM

  • 标题: Remote Code Execution via PyNcclPipe Communication Service · Advisory · vllm-project/vllm · GitHub -- 🔗来源链接

    标签: x_refsource_CONFIRM

    神龙速读
    Remote Code Execution via PyNcclPipe Communication Service · Advisory · vllm-project/vllm · GitHub

  • 标题: Use custom address for listening socket (#15988) · vllm-project/vllm@0d6e187 · GitHub -- 🔗来源链接

    标签: x_refsource_MISC

    神龙速读
    Use custom address for listening socket (#15988) · vllm-project/vllm@0d6e187 · GitHub
  • https://nvd.nist.gov/vuln/detail/CVE-2025-47277