YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
ONNX Runtime OOM DoS β Proof of Concept
Vulnerability
CWE-770: Unbounded memory allocation in ONNX Runtime C++ core during initializer parsing.
ONNX Runtime allocates memory based on TensorProto.dims without checking total size.
Impact
136-byte model β 2^60 element allocation β std::bad_alloc β process crash.
Files
malicious_oom.onnxβ Malicious ONNX model (136 bytes)poc_exploit.pyβ Exploit script (generator)vulnerability_report.mdβ Full technical report
Reproduction
pip install onnxruntime
python3 poc_exploit.py
python3 -c "import onnxruntime; onnxruntime.InferenceSession('malicious_oom.onnx')"
Inference Providers NEW
This model isn't deployed by any Inference Provider. π Ask for provider support