PyTorch Inductor Compilation Name Error Vulnerability in cummin API

Vulnerability

A Name Error (Python NameError) vulnerability has been identified in PyTorch version 2.7.0. It arises when a model that uses the torch.cummin function is compiled with the Inductor backend, and it results in a Denial of Service (DoS) condition. Compilation fails because the generated Triton kernel code references an undefined variable, rindex.

Impact

Exploitation of this vulnerability causes a Name Error during the compilation of the affected PyTorch model, leading to a Denial of Service condition.

Reproduction

The vulnerability can be reproduced by creating a PyTorch model that includes the torch.cummin function and compiling it with the Inductor backend. The reproduction sets the 'TORCHDYNAMO_VERBOSE' environment variable to '1' and uses a CUDA device. When the model is compiled with Inductor, Triton kernel generation fails with a Name Error, which confirms that the installation is affected.

Remediation

This vulnerability has been fixed in PyTorch version 2.8.0. Users can upgrade to this version to address the issue.
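Until the upgrade is rolled out, a service can check its installed version against this advisory and keep serving in eager mode if the compiled path fails. The sketch below is an added example, not code from PyTorch or from this advisory; the helper names (parse_version, advisory_status, guarded) are hypothetical, the version strings and the failing function are constructed stand-ins, and catching every exception from the compiled call is an assumption because the advisory does not say how the NameError is wrapped.

```python
import re

KNOWN_AFFECTED = (2, 7, 0)  # release named as affected in this advisory
FIXED = (2, 8, 0)           # release named as fixed in this advisory

def parse_version(text):
    """Split '2.7.0+cu126' or '2.8.0a0+git1a2b' into ((2, 7, 0), is_prerelease)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    release = tuple(int(g or 0) for g in m.groups())
    # Anything between the numbers and a '+local' suffix marks a pre-release.
    prerelease = text[m.end():].split("+", 1)[0] != ""
    return release, prerelease

def advisory_status(text):
    """Return 'affected', 'fixed' or 'unverified' for a torch.__version__ string."""
    release, prerelease = parse_version(text)
    if release == KNOWN_AFFECTED:
        return "affected"
    if release > FIXED or (release == FIXED and not prerelease):
        return "fixed"
    return "unverified"  # the advisory makes no statement about this build

def guarded(compiled_fn, eager_fn, on_fallback=None):
    """Wrap a compiled callable so a codegen failure degrades to eager mode.

    torch.compile is lazy, so the failure surfaces on the first call rather
    than when torch.compile() returns; the guard therefore sits on the call.
    """
    state = {"eager": False}
    def call(*args, **kwargs):
        if not state["eager"]:
            try:
                return compiled_fn(*args, **kwargs)
            except Exception as exc:  # assumption: wrapper type is unspecified
                result = eager_fn(*args, **kwargs)  # genuine input errors re-raise here
                state["eager"] = True               # stick to eager only once it worked
                if on_fallback:
                    on_fallback(exc)                # hook for logging or alerting
                return result
        return eager_fn(*args, **kwargs)
    return call

if __name__ == "__main__":
    # Constructed version strings; in a service pass torch.__version__ instead,
    # and wire the guard as: run = guarded(torch.compile(model), model)
    for v in ("2.7.0+cu126", "2.8.0", "2.8.0a0+git1a2b", "2.6.0"):
        print(v, advisory_status(v))
```

Logging the exception passed to on_fallback gives operations a signal that an unpatched build is still running compiled cummin code.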

Added: Sep 25, 2025, 4:25 PM
Updated: Sep 25, 2025, 4:25 PM

Vulnerability Rating

Custom Algorithm
spread: 6.6
impact: 2.5
exploitability: 5.0
remediation: 7.7
relevance: 0.6
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.