| Title | thu-pacman chitu <0.1.0 Deserialization |
|---|
| Description | chitu is a high-performance inference framework for large language models (LLM). A vulnerability has been identified within its codebase regarding the use of the torch.load function. In the model loading process of Chitu, the torch.load function is repeatedly utilized to load checkpoint files without specifying the weights_only=True parameter. This oversight allows the function to deserialize the entire content of the checkpoint file, including any malicious Python objects and code that might be embedded.
More details: https://github.com/thu-pacman/chitu/issues/32 |
|---|
| Source | ⚠️ https://github.com/thu-pacman/chitu/issues/32 |
|---|
| User | ybdesire (UID 83239) |
|---|
| Submission | 03/25/2025 10:47 (1 Year ago) |
|---|
| Moderation | 04/03/2025 09:17 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 303111 [thu-pacman chitu 0.1.0 chitu/chitu/backend.py torch.load ckpt_path/quant_ckpt_dir deserialization] |
|---|
| Points | 20 |
|---|