CVE-2025-54952 | THREATINT

Description

An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b.

PUBLISHED Reserved 2025-08-01 | Published 2025-08-07 | Updated 2025-08-08 | Assigner facebook

Problem types

Integer Overflow to Buffer Overflow (CWE-680)

Product status

Default status

unaffected

Any version before https://github.com/pytorch/executorch/commit/8f062d3f661e20bb19b24b767b9a9a46e8359f2b

affected

References

www.facebook.com/security/advisories/cve-2025-54952

github.com/...ommit/8f062d3f661e20bb19b24b767b9a9a46e8359f2b

cve.org (CVE-2025-54952)

nvd.nist.gov (CVE-2025-54952)

Download JSON