SB20260427197 - Multiple vulnerabilities in vLLM

Description

This security bulletin contains information about 2 vulnerabilities.

1) Improper Validation of Array Index (CVE-ID: N/A)

CWE-ID: CWE-129 - Improper Validation of Array Index

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote user to cause a denial of service.

The vulnerability exists due to improper validation of array index in multimodal input position computation when processing text-only prompts containing special-token placeholders without matching image or video data. A remote user can send a specially crafted request to cause a denial of service.

Only deployments serving vision-language models through OpenAI-compatible endpoints that accept raw user text are affected.

2) Incorrect Calculation of Buffer Size (CVE-ID: N/A)

CWE-ID: CWE-131 - Incorrect Calculation of Buffer Size

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote user to cause a denial of service.

The vulnerability exists due to incorrect calculation of buffer size in the extract_hidden_states speculative decoding proposer when processing requests with sampling penalty parameters. A remote user can send a specially crafted request with a penalty parameter to cause a denial of service.

Only deployments configured with extract_hidden_states speculative decoding are vulnerable.

Remediation

Install update from vendor's website.

References

• https://github.com/vllm-project/vllm/security/advisories/GHSA-hpv8-x276-m59f
• https://github.com/vllm-project/vllm/security/advisories/GHSA-83vm-p52w-f9pw
• https://github.com/vllm-project/vllm/pull/38610