YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
TensorRT VULN-003: Inference DoS via Loop(INT64_MAX)
Vulnerability
A 338-byte ONNX model with a Loop operator set to INT64_MAX iterations compiles to a valid TensorRT engine that hangs indefinitely during inference. No timeout mechanism exists in TensorRT's execute_async_v3().
Impact
- Permanent denial of service for any TensorRT inference server
- 338-byte model file causes infinite hang
- Affects Triton, TensorRT-LLM, any TRT-based pipeline
Files
| File | Description |
|---|---|
| vuln003_loop_dos.py | Main PoC script |
| dos_loop.onnx | Malicious ONNX model (338 bytes) |
| dos_loop.engine | Compiled TRT engine (20,252 bytes) |
Reproduction
pip install tensorrt onnx torch numpy
python vuln003_loop_dos.py
Results
- Normal model inference (10 loop iterations): completes in 0.0s
- DoS model inference (INT64_MAX iterations): hangs indefinitely
- At 1 billion iterations/sec, would take 292 years to complete
- No timeout, no warning, no error — must kill the process
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support