NVIDIA has released a crucial security update for its TensorRT-LLM Framework, addressing a high-severity vulnerability that could expose users to significant risks, including remote code execution, data tampering, and information disclosure.
The vulnerability, tracked as CVE-2025-23254, affects all platforms and all versions of TensorRT-LLM before 0.18.2.
Vulnerability Details
The flaw resides in the Python executor component of TensorRT-LLM, specifically in its socket-based Inter-Process Communication (IPC) system, which utilizes Python’s pickle serialization and deserialization.
If exploited by an attacker with local access to the TRTLLM server, the vulnerability could allow for arbitrary code execution, unauthorized access to sensitive information, and manipulation of data.
NVIDIA has assigned this vulnerability a CVSS base score of 8.8, categorizing it as “High” severity. The underlying cause is improper data validation during deserialization, classified under CWE-502.
Security Enhancement and Mitigation
To counteract this threat, NVIDIA has introduced a security enhancement: HMAC (Hash-based Message Authentication Code) encryption is now enabled by default for all socket-based IPC operations in both the main and release branches of TensorRT-LLM.
This measure is designed to ensure the integrity and authenticity of serialized data exchanged between processes.
NVIDIA strongly advises users not to disable this encryption feature.
Disabling it (by setting use_hmac_encryption = False in the relevant configuration files) will reintroduce the vulnerability and leave systems exposed to potential attacks.
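The control described above, shown as an added example (not TensorRT-LLM's own code): a receiver that checks an HMAC-SHA256 tag over each pickled IPC frame and only calls pickle.loads on frames that verify. The frame layout, the function names and the sample messages are assumptions made for this sketch.

```python
import hashlib
import hmac
import pickle
import secrets
import socket
import struct

class AuthError(Exception):
    """Frame failed authentication; the payload was never unpickled."""

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed mid-frame")
        buf += chunk
    return buf

def send_obj(sock, key, obj):
    # Frame layout (constructed for this example): 4-byte length | 32-byte tag | pickle
    payload = pickle.dumps(obj)
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    sock.sendall(struct.pack("!I", len(payload)) + tag + payload)

def recv_obj(sock, key, max_len=1 << 20):
    (length,) = struct.unpack("!I", _recv_exact(sock, 4))
    if length > max_len:
        raise AuthError("frame too large")
    tag = _recv_exact(sock, 32)
    payload = _recv_exact(sock, length)
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    # Constant-time compare happens BEFORE pickle.loads ever sees the bytes.
    if not hmac.compare_digest(tag, expected):
        raise AuthError("bad HMAC; refusing to deserialize")
    return pickle.loads(payload)

def demo():
    key = secrets.token_bytes(32)  # shared only by the cooperating processes
    a, b = socket.socketpair()     # stands in for the socket-based IPC channel
    with a, b:
        send_obj(a, key, {"req_id": 7, "tokens": [1, 2, 3]})  # constructed sample
        ok = recv_obj(b, key)
        send_obj(a, secrets.token_bytes(32), {"req_id": 8})   # writer that lacks the key
        try:
            recv_obj(b, key)
        except AuthError:
            return ok, True
        return ok, False
```

The tag authenticates the frame but does not hide its contents, and the check is only as strong as the secrecy of the key shared between the processes.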
Affected Products and Remediation
The vulnerability affects all versions of NVIDIA TensorRT-LLM before 0.18.2 on Windows, Linux, and macOS.
Users are urged to update immediately to version 0.18.2 or later by downloading the latest release from the official GitHub repository.
Risk Factor Table
CVE ID | Description | Base Score | Severity | CWE | Impacts | Affected Versions | Fixed Version |
---|---|---|---|---|---|---|---|
CVE-2025-23254 | Vulnerability in Python executor allowing code execution, info disclosure, data tampering | 8.8 | High | CWE-502 | Code execution, info disclosure, tampering | < 0.18.2 | 0.18.2 |
Recommendations
- Update Immediately: Upgrade to TensorRT-LLM v0.18.2 or later to mitigate the vulnerability.
- Do Not Disable HMAC Encryption: Ensure that the default security setting remains enabled to prevent exploitation.
- Monitor Security Bulletins: Subscribe to NVIDIA’s security notifications for timely updates.
Acknowledgements
NVIDIA credits Avi Lumelsky of Oligo Security for reporting CVE-2025-23254.
For further information or support, users are encouraged to visit the NVIDIA Product Security page or contact NVIDIA Support.
Summary:
This security bulletin underscores the importance of prompt software updates and adherence to recommended security configurations.
The swift action by NVIDIA highlights the ongoing need for vigilance in the face of evolving software threats.