ExecuTorch Integer Overflow Vulnerability Leading to Overlapping Allocations and Potential Code Execution

Vulnerability

An integer overflow vulnerability has been identified in ExecuTorch, prior to commit d158236b1dc84539c1b16843bc74054c9dcba006. This vulnerability arises during the loading of ExecuTorch models, where improper handling of memory allocations can lead to overlapping allocations. Such overlaps may cause unintended consequences, including the possibility of code execution.

Impact

Exploitation of this vulnerability could result in overlapping memory allocations, potentially leading to code execution or other undesirable effects.

Added: Aug 7, 2025, 11:23 PM

Updated: Aug 7, 2025, 11:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

8.1

remediation

0.0

relevance

0.3

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

8.1

remediation

0.0

relevance

0.3

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ExecuTorch Integer Overflow Vulnerability Leading to Overlapping Allocations and Potential Code Execution

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating