theluckystrike's picture
Upload README.md with huggingface_hub
6774378 verified
|
Raw
History Blame Contribute Delete
803 Bytes

ExecuTorch .pte Integer Overflow PoC

CWE-190: Integer Overflow or Wraparound in segment offset arithmetic

Vulnerability

Multiple integer overflow vulnerabilities in ExecuTorch C++ runtime when parsing .pte model files. Unchecked arithmetic on segment offsets can wrap around, causing out-of-bounds memory access.

Distinct from CVE-2025-54952 which only patched Program::LoadSegment().

3 Findings

  1. pte_data_map.cpp:58PteDataMap::get_data()
  2. bundled_program.cpp:79 — BundledProgram segment loading
  3. flatbuffer_program.cpp:119FlatBufferProgram::load_segment()

Files

  • overflow_poc.pte — Crafted .pte file with overflow segment offsets
  • exploit_pte.py — PoC documentation script

CVSS

7.8 High — AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H