[Reproduction] vLLM remote code execution vulnerability (CVE-2025-62164)

Published 2025-11-27

vLLM is an inference and serving engine for large language models (LLMs). Its Completions API endpoint contains a memory corruption vulnerability (CVE-2025-62164) that can cause a crash (denial of service) and potentially remote code execution (RCE). When handling user-supplied prompt embeddings, the endpoint loads the serialized tensor with torch.load() without sufficient validation. Because of a change introduced in PyTorch 2.8.0, sparse tensor invariant checks are disabled by default, so a maliciously crafted sparse tensor bypasses the internal bounds checks and triggers an out-of-bounds memory write when to_dense() is called. The corruption can crash vLLM and may allow code execution on the server hosting it. The issue is fixed in version 0.11.1.


Affected versions


vLLM 0.10.2 - 0.11.0


Root cause


[Figure 1]


The vLLM Completions API handler performs no validity check on the incoming prompt_embeds parameter and deserializes it directly with torch.load(). When vLLM then calls .to_dense() on a malicious sparse tensor, PyTorch uses the attacker-controlled index array to compute write offsets into the dense output buffer; if an index exceeds the tensor's declared size, the operation writes outside the allocated buffer. The vulnerability therefore comes from two things together: vLLM's lack of sufficient validation of user-supplied serialized PyTorch tensors, and PyTorch 2.8.0 turning sparse tensor invariant checks off by default.
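To make the mechanism concrete, here is an added example (not vLLM or PyTorch code) that models in plain Python what the COO-to-dense scatter does without invariant checks, beside the checks that would reject the same input. The flat heap list, its layout (the tensor's buffer followed by a neighbouring allocation) and the payload are constructed for illustration; PyTorch's real to_dense() writes into a native buffer, which is why the result there is memory corruption rather than a Python exception.

```python
# Added example, not vLLM/PyTorch code. Pure-Python model of densifying a
# sparse COO tensor (indices: ndim x nnz, values: nnz, shape: dense size).
# The heap list and the neighbouring allocation are constructed for illustration.


def row_major_strides(shape):
    """Element strides of a contiguous row-major dense tensor, e.g. (2, 4) -> [4, 1]."""
    strides, acc = [], 1
    for dim in reversed(shape):
        strides.append(acc)
        acc *= dim
    return strides[::-1]


def validate_coo(indices, values, shape):
    """The invariants PyTorch's check_sparse_tensor_invariants enforces, in Python:
    indices is ndim x nnz, values has nnz entries, and every index lies in [0, dim)."""
    ndim, nnz = len(shape), len(values)
    if len(indices) != ndim:
        raise ValueError(f"indices has {len(indices)} rows but shape has {ndim} dims")
    for d, row in enumerate(indices):
        if len(row) != nnz:
            raise ValueError(f"indices row {d} has {len(row)} entries, expected nnz={nnz}")
        for idx in row:
            if not 0 <= idx < shape[d]:
                raise ValueError(f"index {idx} out of range for dim {d} of size {shape[d]}")


def to_dense_unchecked(indices, values, shape, heap):
    """The vulnerable path: trusts indices, computes each flat offset and writes it
    into `heap`, whose first prod(shape) slots stand for the dense buffer and whose
    remaining slots stand for whatever allocation follows it in memory."""
    strides = row_major_strides(shape)
    for k, value in enumerate(values):
        offset = sum(indices[d][k] * strides[d] for d in range(len(shape)))
        heap[offset] = value  # no bounds check: an OOB offset lands in the neighbour
    return heap


def to_dense_checked(indices, values, shape, heap):
    """The hardened path: validate the invariants first, then scatter."""
    validate_coo(indices, values, shape)
    return to_dense_unchecked(indices, values, shape, heap)


def demo():
    """Constructed payload: a 2x4 tensor whose second entry claims column 9.
    Returns the heap offsets written outside the buffer and the checker's error."""
    shape, numel = (2, 4), 8
    indices = [[0, 1], [1, 9]]   # (row, col) pairs: (0, 1) is valid, (1, 9) is not
    values = [7, 0x41]
    heap = [0] * (numel + 8)     # dense buffer + 8 slots of a neighbouring allocation
    to_dense_unchecked(indices, values, shape, heap)
    corrupted = [i for i, v in enumerate(heap) if v and i >= numel]
    try:
        to_dense_checked(indices, values, shape, [0] * (numel + 8))
        rejected = None
    except ValueError as exc:
        rejected = str(exc)
    return corrupted, rejected


if __name__ == "__main__":
    corrupted, rejected = demo()
    print("unchecked scatter wrote outside the buffer at offsets:", corrupted)
    print("checked scatter rejected the payload:", rejected)
```

With a (2, 4) tensor the flat offset of index (1, 9) is 1*4 + 9*1 = 13, five slots past the 8-element buffer: that is the out-of-bounds write, and the checked path refuses the payload before computing any offset.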


Impact


(1) Direct impact

    • Denial of service: a single malformed API request can crash a production vLLM inference server.
    • Remote code execution: under specific conditions, if the attacker can control which memory is overwritten, the corruption may be turned into remote code execution.
    • System control: the attacker may end up controlling the host.


(2) Attack preconditions

    • Network access to the Completions API endpoint is all that is required.
    • By default the endpoint requires no authentication.
    • Attack complexity is low and no special privileges are needed.


Reproduction


Verification environment:

PyTorch 2.8.0

vLLM 0.11.0

Ubuntu 22.04


[Figure 2]


Remediation


(1) Immediate measures

    • Upgrade: move vLLM to 0.11.1 or later.
    • API access control: put authentication and access restrictions on the Completions API endpoint.
    • Network isolation: deploy the vLLM service on an internal network and restrict external access.


(2) Technical fixes

    • Input validation: before processing a user-supplied serialized tensor, strictly validate its structure (layout, dtype, shape) and, for any sparse layout, its indices.
    • Enable invariant checks: force sparse tensor invariant checking on with torch.sparse.check_sparse_tensor_invariants.enable() (or pass check_invariants=True when constructing sparse tensors).
    • Safe deserialization: use a safe tensor loading path, or disable serialized tensor input entirely. Note that torch.load(..., weights_only=True) only restricts which Python objects may be unpickled and still admits sparse tensors, so on its own it does not address this issue.
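As an added example of the three fixes above (not vLLM's own patch, which is the commit listed in the references), the loader below applies them to a base64-encoded prompt_embeds value as the Completions API receives it: a size cap and weights_only deserialization, refusal of anything that is not a dense (strided) floating-point tensor of the expected [tokens, hidden] shape, and a global torch.sparse.check_sparse_tensor_invariants.enable() so that torch.load() itself validates any sparse tensor it rebuilds. The function names, the size cap and the two demo payloads are assumptions; torch is imported optionally so the metadata policy can be run on its own.

```python
# Added example, not vLLM's code. Hardened loading of a prompt_embeds payload.
# Names, limits and demo payloads are assumptions made for this example.
import base64
import io

try:
    import torch
except ImportError:  # the metadata policy below is pure Python and still runs
    torch = None

MAX_PAYLOAD_BYTES = 4 * 1024 * 1024  # assumed cap; size it to max tokens x hidden x dtype width
ALLOWED_DTYPES = {"torch.float16", "torch.bfloat16", "torch.float32"}


def has_torch():
    return torch is not None


def b64(raw):
    """Encode raw bytes the way a client would place them in the JSON request."""
    return base64.b64encode(raw).decode("ascii")


def check_embeds_metadata(layout, dtype, shape, hidden_size, max_tokens):
    """Policy on tensor metadata, taken as plain strings/tuples so it needs no torch.
    Returns the normalised (tokens, hidden) shape or raises ValueError."""
    if layout != "torch.strided":
        raise ValueError(f"refusing non-dense tensor layout {layout}")
    if dtype not in ALLOWED_DTYPES:
        raise ValueError(f"refusing dtype {dtype}")
    if len(shape) == 1:
        shape = (1, shape[0])  # a single embedding vector
    if len(shape) != 2:
        raise ValueError(f"expected [tokens, hidden], got {shape}")
    tokens, hidden = shape
    if hidden != hidden_size:
        raise ValueError(f"hidden size {hidden} != model hidden size {hidden_size}")
    if not 1 <= tokens <= max_tokens:
        raise ValueError(f"token count {tokens} outside 1..{max_tokens}")
    return (tokens, hidden)


def load_prompt_embeds(b64_payload, hidden_size, max_tokens, max_bytes=MAX_PAYLOAD_BYTES):
    """Decode and deserialize a prompt_embeds payload, rejecting anything that is not
    a dense float tensor of the expected shape. Raises ValueError on any rejection."""
    raw = base64.b64decode(b64_payload, validate=True)
    if len(raw) > max_bytes:
        raise ValueError(f"payload of {len(raw)} bytes exceeds cap of {max_bytes}")
    if torch is None:
        raise RuntimeError("torch is required to deserialize the payload")
    # With the global check on, torch.load() validates any sparse tensor it rebuilds
    # instead of handing back one with out-of-range indices.
    torch.sparse.check_sparse_tensor_invariants.enable()
    try:
        obj = torch.load(io.BytesIO(raw), weights_only=True, map_location="cpu")
    except Exception as exc:  # unpickling or invariant failure: treat as hostile input
        raise ValueError(f"undecodable payload: {exc}") from None
    if not isinstance(obj, torch.Tensor):
        raise ValueError(f"expected a tensor, got {type(obj).__name__}")
    tokens, hidden = check_embeds_metadata(
        str(obj.layout), str(obj.dtype), tuple(obj.shape), hidden_size, max_tokens)
    return obj.reshape(tokens, hidden).contiguous()


def demo_payloads(hidden_size=4, max_tokens=8):
    """Constructed payloads: a benign dense embedding and a sparse COO tensor whose
    column index 100 is out of range for width 4 (built with check_invariants=False,
    as an attacker would offline). Nothing here calls .to_dense() on it."""
    dense = torch.zeros(3, hidden_size, dtype=torch.float16)
    sparse = torch.sparse_coo_tensor(
        torch.tensor([[0], [100]]), torch.tensor([1.0]), (2, hidden_size),
        check_invariants=False)
    results = {}
    for name, tensor in (("dense", dense), ("sparse_oob", sparse)):
        buf = io.BytesIO()
        torch.save(tensor, buf)
        try:
            load_prompt_embeds(b64(buf.getvalue()), hidden_size, max_tokens)
            results[name] = "accepted"
        except ValueError as exc:
            results[name] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    if has_torch():
        for name, outcome in demo_payloads().items():
            print(f"{name}: {outcome}")
    else:
        print("torch not installed; metadata policy only:",
              check_embeds_metadata("torch.strided", "torch.float16", (3, 4), 4, 8))
```

The malicious payload is rejected twice over: torch.load() fails its invariant validation once the global check is enabled, and even a sparse tensor that survived loading would be refused by the layout check before anything could call .to_dense() on it. Keep the size cap in front of torch.load(), since it is the only check that runs before any unpickling.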


(3) Long-term protection

    • Run the service under the principle of least privilege.
    • Perform regular security audits and penetration tests.
    • Establish mature vulnerability monitoring and incident response processes.


This vulnerability underlines the importance of securing AI infrastructure, and in particular the need for extra care when handling complex, user-controlled data structures.



References:

[1]https://nvd.nist.gov/vuln/detail/CVE-2025-62164

[2]https://zeropath.com/blog/cve-2025-62164-vllm-memory-corruption-summary

[3]https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf

[4]https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b


Venustech Active Defense Lab (ADLab)


ADLab was founded in 1999 and is one of the earliest offensive and defensive security research labs in China's security industry, a core member of the Microsoft MAPP program, and the originator of the "Black Sparrow attack" (黑雀攻击) concept. To date, ADLab has published more than 6,500 security vulnerabilities through CNVD/CNNVD/NVDB/CVE and has maintained a first-class standard in the international cybersecurity field. The lab's research covers fundamental security, data security, 5G security, AI + security, satellite security, carrier infrastructure security, mobile security, IoT security, connected-vehicle security, industrial control security, Xinchuang (domestic IT) security, cloud security, wireless security, advanced threat research, and offense-defense techniques. Its research results are applied to product core technology research, national key science and technology projects, and professional security services.


