logo

Database

Out-of-bounds read In org.pytorch:executorch-android

Description

ExecuTorch integer overflow vulnerability An integer overflow vulnerability in the loading of ExecuTorch models can cause overlapping allocations, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit d158236b1dc84539c1b16843bc74054c9dcba006.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2025-304042. NVD-2025-304043. OSV-2025-304044. GCVE-2025-30404

References

1. https://github.com/pytorch/executorch/commit/d158236b1dc84539c1b16843bc74054c9dcba0062. https://www.facebook.com/security/advisories/cve-2025-30404

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.