
CVE-2025-30402: ExecuTorch vulnerable to Heap-based Buffer Overflow attack

CVSS Score (v3.1): 8.1

Basic Information

EPSS Score: 0.1503%
Published: 7/11/2025
Updated: 7/11/2025
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Package Name  Ecosystem  Vulnerable Versions  First Patched Version
executorch    pip        <= 0.6.0

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability lies in the calculate_nbytes function in runtime/executor/method_meta.cpp. Commit 93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f directly patches this function to add integer overflow checks. The vulnerability description mentions a heap-buffer-overflow during the loading of ExecuTorch methods, which aligns with the purpose of calculate_nbytes: determining the memory size required for a tensor. The patch replaces the plain multiplication of the dimensions with a version that checks for overflow at each step. The test case TensorInfoSizeOverflow added in runtime/executor/test/method_meta_test.cpp further confirms that the vulnerability is an overflow in the size calculation by testing for it explicitly. executorch::runtime::calculate_nbytes is called during model loading; an integer overflow inside it yields a wrapped, far-too-small size, so the buffer allocated from that size is undersized and is overflowed on the heap when the tensor data is copied into it.
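As an added illustration (not ExecuTorch's own code), the unchecked dimension product the analysis describes beside an overflow-checked variant of the same calculation; the function names, the int32 dimension vector, the element size parameter and the sample shape are assumptions:

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Constructed illustration, not ExecuTorch's source. The signature is an
// assumption (the real calculate_nbytes takes a span of sizes and a dtype);
// what matters is the pattern the advisory describes: every dimension is
// multiplied into a running product with no check for wraparound.
size_t nbytes_unchecked(const std::vector<int32_t>& sizes, size_t elem_size) {
    size_t n = 1;
    for (int32_t d : sizes) {
        n *= static_cast<size_t>(d);  // wraps silently once the product exceeds SIZE_MAX
    }
    return n * elem_size;             // a wrapped product yields a far-too-small byte count
}

// Hardened variant: each multiplication is checked before it happens, and a
// negative dimension is rejected rather than being cast to a huge unsigned value.
bool nbytes_checked(const std::vector<int32_t>& sizes, size_t elem_size, size_t* out) {
    size_t n = 1;
    for (int32_t d : sizes) {
        if (d < 0) return false;
        size_t dim = static_cast<size_t>(d);
        if (dim != 0 && n > SIZE_MAX / dim) return false;  // n * dim would wrap
        n *= dim;
    }
    if (n != 0 && elem_size > SIZE_MAX / n) return false;  // n * elem_size would wrap
    *out = n * elem_size;
    return true;
}

int main() {
    // Constructed sample shape: four dimensions of 65536 multiply to 2^64, which
    // wraps to 0 in a 64-bit size_t. The unchecked path reports 0 bytes for a
    // tensor whose float32 data would not fit in any real buffer; an allocator
    // given that size hands back a tiny block that the tensor data then overruns.
    std::vector<int32_t> huge = {65536, 65536, 65536, 65536};
    std::printf("unchecked: %zu bytes\n", nbytes_unchecked(huge, 4));   // 0
    size_t n = 0;
    std::printf("checked:   %s\n", nbytes_checked(huge, 4, &n) ? "ok" : "rejected (overflow)");
    std::vector<int32_t> sane = {2, 3, 4};
    if (nbytes_checked(sane, 4, &n)) std::printf("checked sane: %zu bytes\n", n);  // 96
    return 0;
}
```

The same wrapped product appears with a 32-bit size_t (65536 * 65536 already wraps to 0), so the checked variant rejects the shape on either platform.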


WAF Protection Rules

WAF Rule

A heap-buffer-overflow vulnerability in the loading of ExecuTorch methods can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f.
