Vulnerability Database
Blog
FAQ
Docs
UBUNTU-CVE-2024-48063
See a problem?
Source
https://ubuntu.com/security/CVE-2024-48063
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48063.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2024-48063
Related
CVE-2024-48063
Published
2024-10-29T21:15:00Z
Modified
2024-10-30T16:31:00Z
Summary
[none]
Details
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE.
References
https://ubuntu.com/security/CVE-2024-48063
https://www.cve.org/CVERecord?id=CVE-2024-48063
https://rumbling-slice-eb0.notion.site/Distributed-RPC-Framework-RemoteModule-has-Deserialization-RCE-in-pytorch-pytorch-111e3cda9e8c8021a7d3cbc61ee1a20c
https://gist.github.com/hexian2001/c046c066895a963ecc0a2cf9e1180065
Affected packages
Ubuntu:22.04:LTS
/
pytorch
Package
Name
pytorch
Purl
pkg:deb/ubuntu/pytorch?arch=src?distro=jammy
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.7.1-7
1.8.1-4
Ecosystem specific
{ "ubuntu_priority": "medium" }
Ubuntu:24.10
/
pytorch
Package
Name
pytorch
Purl
pkg:deb/ubuntu/pytorch?arch=src?distro=oracular
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.1.2+dfsg-4ubuntu1
2.1.2+dfsg-4ubuntu2
2.4.1-1ubuntu1
Ecosystem specific
{ "ubuntu_priority": "medium" }
UBUNTU-CVE-2024-48063 - OSV