File size: 1,066 Bytes
a2c29b8 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 | # TensorRT VULN-003: Inference DoS via Loop(INT64_MAX)
## Vulnerability
A 338-byte ONNX model with a Loop operator set to INT64_MAX iterations compiles
to a valid TensorRT engine that hangs indefinitely during inference. No timeout
mechanism exists in TensorRT's execute_async_v3().
## Impact
- Permanent denial of service for any TensorRT inference server
- 338-byte model file causes infinite hang
- Affects Triton, TensorRT-LLM, any TRT-based pipeline
## Files
| File | Description |
|------|-------------|
| vuln003_loop_dos.py | Main PoC script |
| dos_loop.onnx | Malicious ONNX model (338 bytes) |
| dos_loop.engine | Compiled TRT engine (20,252 bytes) |
## Reproduction
```bash
pip install tensorrt onnx torch numpy
python vuln003_loop_dos.py
```
## Results
- Normal model inference (10 loop iterations): completes in 0.0s
- DoS model inference (INT64_MAX iterations): hangs indefinitely
- At 1 billion iterations/sec, would take 292 years to complete
- No timeout, no warning, no error — must kill the process
|