| Title | VITA-MLLM Freeze-Omni 0.0 Deserialization |
|---|---|
| Description | Freeze-Omni, a speech-to-speech dialogue model, has a critical vulnerability (CWE-502: Deserialization of Untrusted Data). In the models/utils.py file, the torch.load function is used without the weights_only=True parameter when loading data from a file specified by the path parameter. If an attacker-crafted malicious pickle file is loaded, it can trigger arbitrary code execution during deserialization. This allows attackers to gain unauthorized system access or carry out malicious actions. All versions of Freeze-Omni are affected, and as of now, there's no fix on the latest main branch. More details: https://github.com/VITA-MLLM/Freeze-Omni/issues/29 |
| Source | ⚠️ https://github.com/VITA-MLLM/Freeze-Omni/issues/29 |
| User | ybdesire (UID 83239) |
| Submission | 2025-04-30 03:49 PM (12 months ago) |
| Moderation | 2025-05-15 08:31 AM (15 days later) |
| Status | Accepted |
| VulDB Entry | 308999 [VITA-MLLM Freeze-Omni up to 20250421 models/utils.py torch.load path privilege escalation] |
| Points | 20 |