CVE-2024-31580 – PyTorch before v2.2.0 contains a heap buffer overflow vulnerability (18th Apr 2024)

Preface: In C++, the new operator performs dynamic memory allocation: it allocates memory on the heap at runtime.

Background: PyTorch is a deep learning framework open sourced by Facebook in early 2017. It is built on Torch and is advertised as Python First. It is tailor-made for the Python language. PyTorch is unique in that it fully supports GPUs and uses reverse-mode automatic differentiation technology, so the computational graph can be modified dynamically. This makes it a popular choice for rapid experimentation and prototyping.

Vulnerability details: PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
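The following is an added example, not code from the original post or from the PyTorch project: it checks whether an installed PyTorch or an exact `torch==` pin in a requirements list falls before v2.2.0, the boundary stated above. The function names and sample requirement lines are constructed for illustration, and pre-release builds of 2.2.0 are treated as affected on the assumption that they sort before the final release.

```python
import re
from importlib import metadata

FIXED = (2, 2, 0)  # per the advisory: releases before v2.2.0 are affected
_VERSION = re.compile(r"^v?(\d+(?:\.\d+)*)(.*)$")
_PRERELEASE = re.compile(r"^[.\-_]?(a|b|c|rc|alpha|beta|pre|preview|dev)")
_PIN = re.compile(r"^\s*torch\s*==\s*([^\s;#]+)", re.IGNORECASE)

def is_affected(version: str) -> bool:
    """Return True when `version` sorts before 2.2.0."""
    public = version.strip().split("+", 1)[0]  # drop local tag, e.g. +cu121
    match = _VERSION.match(public)
    if not match:
        raise ValueError(f"unparseable version: {version!r}")
    release = tuple(int(part) for part in match.group(1).split("."))
    release += (0,) * (len(FIXED) - len(release))  # "2.2" -> (2, 2, 0)
    if release != FIXED:
        return release < FIXED
    # Same release number: a/b/rc/dev builds sort before the final release
    # and are treated as affected (assumption of this example).
    return bool(_PRERELEASE.match(match.group(2).lower()))

def audit_requirements(lines):
    """Return (line_number, version) for each exact torch pin that is affected."""
    findings = []
    for number, line in enumerate(lines, start=1):
        pin = _PIN.match(line)
        if pin and is_affected(pin.group(1)):
            findings.append((number, pin.group(1)))
    return findings

def installed_torch_affected():
    """None if torch is not installed here, otherwise True or False."""
    try:
        return is_affected(metadata.version("torch"))
    except metadata.PackageNotFoundError:
        return None

# Constructed sample input, not taken from any real project.
SAMPLE_REQUIREMENTS = [
    "numpy==1.26.4",
    "torch==2.1.2+cu121  # GPU build",
    "torchvision==0.16.2",
    "torch==2.2.0",
]

if __name__ == "__main__":
    print("pinned:", audit_requirements(SAMPLE_REQUIREMENTS))
    print("installed:", installed_torch_affected())
```

Only exact `==` pins are evaluated; range specifiers such as `torch>=2.0` need to be resolved against the environment or lock file before they can be judged.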

Official announcement: Please refer to the link for details –

https://nvd.nist.gov/vuln/detail/CVE-2024-31580
