Plattform
python
Komponente
nvidia/megatron-lm
Behoben in
0.13.2
CVE-2025-23348 describes a code injection vulnerability discovered in NVIDIA Megatron-LM, a framework for large language model training. This vulnerability allows attackers to inject malicious code via specially crafted data, potentially leading to severe consequences. The issue affects all versions of Megatron-LM prior to 0.13.1 and 0.12.3. A patch is available in version 0.13.1.
An attacker exploiting CVE-2025-23348 could execute arbitrary code within the context of the Megatron-LM process. This could lead to complete system compromise, including data exfiltration, modification, and denial of service. The potential for privilege escalation is significant, allowing an attacker to gain control over the underlying system. Given Megatron-LM's use in training large language models, the vulnerability could also be leveraged to poison training data, leading to biased or malicious model outputs. The blast radius extends to any system running a vulnerable version of Megatron-LM and processing attacker-controlled data.
CVE-2025-23348 was publicly disclosed on 2025-09-24. The vulnerability's impact, allowing code execution, aligns with high-risk vulnerabilities. No public proof-of-concept (PoC) code has been released at the time of this writing. It is not currently listed on the CISA KEV catalog. The likelihood of exploitation depends on the visibility of vulnerable deployments and the availability of exploit development resources.
Organizations utilizing NVIDIA Megatron-LM for large language model training, particularly those deploying it in production environments or processing data from untrusted sources, are at significant risk. Environments with limited input validation or inadequate security controls are especially vulnerable. Shared hosting environments where multiple users share the same Megatron-LM instance could also be affected.
• python / script analysis: Inspect the pretrain_gpt script for suspicious code execution or data handling logic. Look for calls to eval() or exec() with untrusted input.
import ast
def analyze_script(script_path):
with open(script_path, 'r') as f:
source_code = f.read()
tree = ast.parse(source_code)
for node in ast.walk(tree):
if isinstance(node, (ast.Call, ast.Attribute))
and hasattr(node, 'func') and hasattr(node.func, 'id') and node.func.id in ('eval', 'exec'):
print(f"Potential code injection point found: {node.lineno}")• linux / server: Monitor process execution for unexpected Megatron-LM processes running with elevated privileges. Use ps aux | grep megatron to identify running processes.
ps aux | grep megatron | grep -v grep• generic web: If Megatron-LM is exposed via a web interface, monitor access logs for unusual requests targeting the pretrain_gpt script or related endpoints.
disclosure
Exploit-Status
EPSS
0.02% (6% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2025-23348 is to upgrade to NVIDIA Megatron-LM version 0.13.1 or later. If upgrading immediately is not feasible, carefully scrutinize all input data provided to the pretrain_gpt script. Implement robust input validation and sanitization to prevent the injection of malicious code. Consider using a Web Application Firewall (WAF) to filter potentially malicious requests. Monitor system logs for unusual activity or code execution patterns. After upgrading, confirm the fix by attempting to reproduce the vulnerability with known malicious input and verifying that it is no longer exploitable.
Actualice NVIDIA Megatron-LM a la versión 0.13.1 o posterior. Esto corrige la vulnerabilidad de inyección de código en el script pretrain_gpt. Asegúrese de verificar la integridad de los datos utilizados por el script para evitar la ejecución de código malicioso.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2025-23348 is a code injection vulnerability in NVIDIA Megatron-LM versions prior to 0.13.1 and 0.12.3, allowing attackers to execute malicious code.
You are affected if you are using NVIDIA Megatron-LM versions prior to 0.13.1 or 0.12.3. Check your version and upgrade immediately.
Upgrade to NVIDIA Megatron-LM version 0.13.1 or later. Implement input validation as a temporary workaround.
No active exploitation has been confirmed at this time, but the vulnerability's severity warrants immediate attention.
Refer to the NVIDIA security bulletin for detailed information and updates: [https://www.nvidia.com/en-us/security/cve/CVE-2025-23348](https://www.nvidia.com/en-us/security/cve/CVE-2025-23348)
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine requirements.txt-Datei hoch und wir sagen dir sofort, ob du betroffen bist.