PoC: JIT Unpickler numel×itemsize Integer Overflow → Heap Buffer Overflow
Vulnerability: torch/csrc/jit/serialization/unpickler.cpp:583 — numel * dtype.itemsize() integer overflow causes undersized storage allocation, leading to heap OOB read/write when loading a crafted TorchScript model.
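As an added example (not part of this repository's PoC and not PyTorch's own code), the C++ below shows the arithmetic at the root of this bug class and the guard a loader should apply before sizing a buffer: an unchecked `numel * itemsize` product wraps silently to a small byte count, while a checked multiplication rejects it. The function names and the sample values are constructed for illustration only.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <stdexcept>

// Hypothetical stand-in for sizing a tensor storage from an untrusted numel
// and element size. Unsigned arithmetic wraps modulo 2^N, so a huge numel can
// produce a tiny byte count and therefore an undersized allocation.
size_t naive_storage_bytes(size_t numel, size_t itemsize) {
    return numel * itemsize;
}

// Checked version using the GCC/Clang builtin: returns false (and leaves *out
// untouched) when the product does not fit in size_t.
bool checked_storage_bytes(size_t numel, size_t itemsize, size_t* out) {
    size_t bytes = 0;
    if (__builtin_mul_overflow(numel, itemsize, &bytes)) {
        return false;
    }
    *out = bytes;
    return true;
}

// Portable alternative for toolchains without the builtin: the product fits
// exactly when numel <= SIZE_MAX / itemsize.
bool checked_storage_bytes_portable(size_t numel, size_t itemsize, size_t* out) {
    if (itemsize != 0 && numel > SIZE_MAX / itemsize) {
        return false;
    }
    *out = numel * itemsize;
    return true;
}

// Loader-side guard: refuse the tensor rather than allocate an undersized buffer
// that later reads and writes would run past.
size_t storage_bytes_or_throw(size_t numel, size_t itemsize) {
    size_t bytes = 0;
    if (!checked_storage_bytes(numel, itemsize, &bytes)) {
        throw std::length_error("numel * itemsize overflows size_t; refusing to allocate");
    }
    return bytes;
}

int main() {
    // Constructed values: a 4-byte element type and a numel chosen so that the
    // product wraps around to exactly 4 bytes on any size_t width.
    const size_t itemsize = 4;
    const size_t numel = SIZE_MAX / itemsize + 2;

    std::cout << "naive byte count: " << naive_storage_bytes(numel, itemsize) << "\n";

    size_t bytes = 0;
    std::cout << "checked accepts: " << std::boolalpha
              << checked_storage_bytes(numel, itemsize, &bytes) << "\n";

    try {
        storage_bytes_or_throw(numel, itemsize);
    } catch (const std::length_error& e) {
        std::cout << "rejected: " << e.what() << "\n";
    }

    // A sane tensor still sizes normally.
    std::cout << "1000 x 4 bytes = " << storage_bytes_or_throw(1000, itemsize) << "\n";
    return 0;
}
```

The naive product prints 4 for the wrapped input, which is exactly the undersized buffer the PoC above relies on; either checked variant refuses the same input, and `storage_bytes_or_throw` shows where a deserializer should fail closed.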
Files
- poc_jit_numel_overflow.py — Full PoC (creates crafted model, demonstrates OOB read + write crash)
- overflow_model.pt — Pre-built crafted TorchScript model
Quick Start
pip install torch
python poc_jit_numel_overflow.py
Expected Output
- Heap OOB Read: 16,380 bytes leaked beyond 4-byte buffer
- Heap OOB Write: w.fill_(0) crashes with SIGSEGV (heap corruption)