Xgrammar Segmentation Fault Vulnerability Leading to Denial-of-Service
Vulnerability
A denial-of-service vulnerability has been identified in the Xgrammar library in versions prior to 0.1.32. The issue arises from multi-level nested grammar syntax, which can cause a segmentation fault and core dump. It can be exploited with a grammar rule containing 30,000 layers of nested parentheses, which triggers a stack overflow or memory exhaustion.
Impact
Exploitation of this vulnerability leads to a segmentation fault, causing a core dump and disrupting normal operation.
Reproduction
The vulnerability can be reproduced with Xgrammar version 0.1.31 by constructing a grammar rule that includes 30,000 layers of nested parentheses. A script that uses the Xgrammar library together with PyTorch and the Transformers library can generate a mathematical expression that exercises the nesting flaw.
Remediation
Users can upgrade to Xgrammar version 0.1.32, where this vulnerability has been patched.
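Where grammars arrive from untrusted callers, a pre-validation guard can reject deeply nested input before it reaches the library. The following is an added example, not code from this advisory or from the Xgrammar project; the depth limit of 64, the function names, and the assumption that string literals are double-quoted with backslash escapes are all illustrative.

```python
import re

FIXED_VERSION = (0, 1, 32)  # first patched release, per the advisory
MAX_DEPTH = 64              # assumed limit; tune to the grammars you accept


def is_patched(version: str) -> bool:
    """True if an Xgrammar version string is at or above the fixed release."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        return False  # unparseable version: treat as unpatched
    return tuple(int(x) for x in m.groups()) >= FIXED_VERSION


def max_nesting_depth(grammar: str) -> int:
    """Deepest parenthesis nesting, ignoring double-quoted literals.

    Iterative on purpose: the checker must not recurse on its input.
    Parentheses inside character classes are still counted, which
    errs toward rejecting a grammar rather than accepting it.
    """
    depth = deepest = 0
    in_string = escaped = False
    for ch in grammar:
        if in_string:
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
        elif ch == '"':
            in_string = True
        elif ch == "(":
            depth += 1
            deepest = max(deepest, depth)
        elif ch == ")":
            depth = max(depth - 1, 0)
    return deepest


def accept_grammar(grammar: str, limit: int = MAX_DEPTH) -> bool:
    """Gate to call before handing a caller-supplied grammar to the library."""
    return max_nesting_depth(grammar) <= limit
```

The guard complements the upgrade and does not replace it: `is_patched` can back a startup check against the installed version, while `accept_grammar` bounds the input regardless of the version in use.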
