CVE-2024-9052

Description

vllm-project vllm version 0.6.0 contains a vulnerability in the distributed training API. The function vllm.distributed.GroupCoordinator.recv_object() deserializes received object bytes using pickle.loads() without sanitization, leading to a remote code execution vulnerability. ### Maintainer perspective Note that vLLM does NOT use the code as described in the report on huntr. The problem only exists if you use these internal APIs in a way that exposes them to a network as described. The vllm team was not involved in the analysis of this report and the decision to assign it a CVE.

How to fix CVE-2024-9052

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

• —no fix listed

Is CVE-2024-9052 being exploited?

No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2024-9052.

Affected packages (1)

• from 0, <= 0.8.1

CVSS scores

References (6)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2024-9052
• PATCHgithub.com/vllm-project/vllm
• WEBgithub.com/github/advisory-database/pull/5444
• WEBgithub.com/vllm-project/vllm/blob/32e7db25365415841ebc7c4215851743fbb1bad1/vllm/distributed/parallel_state.py#L480