PoC: ExecuTorch Out-of-bounds Read via Crafted .pte File

Vulnerability

Out-of-bounds heap read in ExecuTorch Program::load() and metadata accessors when processing a crafted .pte file. The default loading path (Verification::Minimal) does not run the FlatBuffers Verifier, so crafted offsets cause SIGSEGV when accessing program metadata.

CWE: CWE-125 (Out-of-bounds Read)
Tested: executorch==1.1.0 (pip), source commit a17428b33d7cdb0bc4b4917da4e487dbcfe4173d

Reproduction

pip install executorch==1.1.0
python3 reproduce.py

Expected output:

[*] Testing: poc_flatbuf_oob.pte (64 bytes)
    Loading program... (should crash)
Segmentation fault (core dumped)

Files

  • poc_flatbuf_oob.pte: 64-byte crafted .pte file (triggers SEGV in get_execution_plan() via strcmp on invalid pointer)
  • poc_vtable_oob.pte: 64-byte crafted .pte file (triggers SEGV in get_method_name() via invalid VTable offset)
  • reproduce.py: Self-contained Python reproduction script
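
The crafted offsets described under Vulnerability and the invalid VTable offset noted under Files are the kind of structural fields a FlatBuffers verifier bounds-checks before any accessor dereferences them. The following is an added example, not code from ExecuTorch or from this repository: a pre-load check of the root table header, assuming the standard little-endian FlatBuffers layout. The names check_root_table, rejection_reason and the sample buffers are hypothetical and constructed here.

```python
import struct

class FlatBufferBoundsError(ValueError):
    """A structural offset points outside the buffer."""

def check_root_table(buf: bytes) -> int:
    """Bounds-check the root table header and vtable; return the field-slot count."""
    n = len(buf)
    if n < 8:
        raise FlatBufferBoundsError("too small to hold a root offset and a table")
    (root,) = struct.unpack_from("<I", buf, 0)      # uoffset32 to the root table
    if root < 4 or root % 4 or root > n - 4:
        raise FlatBufferBoundsError(f"root offset {root:#x} outside {n}-byte buffer")
    (soff,) = struct.unpack_from("<i", buf, root)   # soffset32: table pos - vtable pos
    vt = root - soff
    if vt < 0 or vt % 2 or vt > n - 4:
        raise FlatBufferBoundsError(f"vtable position {vt:#x} outside buffer")
    vt_size, tbl_size = struct.unpack_from("<HH", buf, vt)
    if vt_size < 4 or vt_size % 2 or vt + vt_size > n:
        raise FlatBufferBoundsError(f"vtable size {vt_size} overruns buffer")
    if tbl_size < 4 or root + tbl_size > n:
        raise FlatBufferBoundsError(f"table size {tbl_size} overruns buffer")
    slots = (vt_size - 4) // 2
    for i in range(slots):
        (foff,) = struct.unpack_from("<H", buf, vt + 4 + 2 * i)
        if foff and not 4 <= foff < tbl_size:       # 0 means the field is absent
            raise FlatBufferBoundsError(f"field {i} offset {foff} outside table")
    return slots

def rejection_reason(buf: bytes):
    """Return None if the header checks pass, else the reason as a string."""
    try:
        check_root_table(buf)
        return None
    except FlatBufferBoundsError as exc:
        return str(exc)

# Constructed 20-byte sample: root offset, one-field vtable, padding, table.
GOOD = struct.pack("<I", 12) + struct.pack("<HHH", 6, 8, 4) + b"\x00\x00" + struct.pack("<iI", 8, 42)
# Constructed malformed variants: root offset past the end; vtable far outside.
BAD_ROOT = struct.pack("<I", 0x7FFFFF00) + GOOD[4:]
BAD_VTABLE = GOOD[:12] + struct.pack("<i", -0x10000) + GOOD[16:]

if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("BAD_ROOT", BAD_ROOT), ("BAD_VTABLE", BAD_VTABLE)):
        print(name, rejection_reason(sample) or "header checks passed")
```

These checks cover only the root table header; a full FlatBuffers verifier also walks nested tables, vectors and strings, so passing them does not make a file safe to load.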