| 제목 | pytorch pytorch (in torch.cuda.nccl.reduce) 2.6.0 Denial of Service |
|---|
| 설명 | When using `torch.cuda.nccl.reduce` with invalid operation codes, the program crashes with `Aborted (core dumped)` instead of raising a `RuntimeError` or validating the input. This bug can be exploited for a denial-of-service attack.
# To Reproduce
```
import torch
import torch.cuda as cuda
from torch.cuda.nccl import reduce
def test_bug():
# Checking for unsupported operations
unsupported_ops = [0xFF, 0xAA] # Example of invalid NCCL operation codes
for op in unsupported_ops:
input_tensor = torch.tensor([1.0, 2.0, 3.0], device=f'cuda:0')
output_tensor = torch.zeros_like(input_tensor)
reduce(inputs=[input_tensor], output=output_tensor, root=0, op=op)
if __name__ == "__main__":
test_bug()
```
# Output
```
Aborted (core dumped)
``` |
|---|
| 원천 | ⚠️ https://github.com/pytorch/pytorch/issues/150836 |
|---|
| 사용자 | Default436352 (UID 81891) |
|---|
| 제출 | 2025. 04. 08. PM 05:11 (12 개월 ago) |
|---|
| 모더레이션 | 2025. 05. 05. PM 01:53 (27 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 307394 [PyTorch 2.6.0+cu124 torch/cuda/nccl.py torch.cuda.nccl.reduce 서비스 거부] |
|---|
| 포인트들 | 20 |
|---|