lmdeploy vulnerable to Arbitrary Code Execution via Insecure Deserialization in torch.load()

LMDeploy is a toolkit for compressing, deploying, and serving LLMs. Prior to version 0.11.1, an insecure deserialization vulnerability exists in lmdeploy where torch.load() is called without the weights_only=True parameter when loading model checkpoint files. This allows an attacker to execute arbitrary code on the victim's machine when they load a malicious .bin or .pt model file. This issue has been patched in version 0.11.1.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

可信数据的反序列化

lmdeploy 代码问题漏洞

lmdeploy是InternLM开源的一个用于压缩、部署和服务 LLM 的工具包。 lmdeploy 0.11.1之前版本存在代码问题漏洞，该漏洞源于加载模型检查点文件时未使用weights_only参数，可能导致攻击者通过恶意模型文件在受害者机器上执行任意代码。

N/A

N/A