NVIDIA Megatron LM Flaw Allows Attackers to Inject Malicious Code

NVIDIA has issued an urgent security update for its open-source Megatron-LM framework, following the discovery of two critical vulnerabilities that could allow attackers to inject and execute malicious code on affected systems.

The flaws, tracked as CVE-2025-23264 and CVE-2025-23265, impact all platforms running Megatron-LM versions prior to 0.12.0 and have prompted a swift response from NVIDIA’s security team.

| CVE ID | Description | CVSS v3.1 Score | Severity |
|---|---|---|---|
| CVE-2025-23264 | Python component code injection via malicious file, leading to code execution, privilege escalation, info disclosure, data tampering | 7.8 | High |
| CVE-2025-23265 | Python component code injection via malicious file, leading to code execution, privilege escalation, info disclosure, data tampering | 7.8 | High |

Double Injection Risk in Megatron-LM

Megatron-LM is widely used for training large transformer-based neural networks, making it a foundational tool in enterprise AI, high-performance computing, and research environments.

The newly disclosed vulnerabilities stem from insecure input handling within a Python component of the framework.

Attackers can exploit these flaws by providing a specially crafted malicious file, triggering a code injection pathway that could lead to remote code execution, escalation of privileges, information disclosure, and data tampering.

NVIDIA’s security bulletin warns that a successful exploit does not require user interaction and can be carried out with low attack complexity, raising the risk profile for automated model loading and dynamic pipeline configurations—common in modern AI workflows.

Both vulnerabilities have been assigned a CVSS v3.1 base score of 7.8, categorizing them as “High” severity.

The underlying issue is classified under CWE-94: Improper Control of Generation of Code (‘Code Injection’).

If left unpatched, these flaws could compromise the integrity and confidentiality of AI models and the sensitive data they process.

Security Update and Mitigation

NVIDIA has released Megatron-LM version 0.12.1, which addresses both CVE-2025-23264 and CVE-2025-23265.

Users and organizations are strongly advised to update their installations immediately to mitigate the risk. The vulnerabilities affect all earlier versions, including those on alternative software branches.
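To act on the update advice across a fleet, the following added example (not NVIDIA's code) triages an inventory of pinned versions against the two version numbers this article gives. The package name `megatron-core` and the `host package==version` line format are assumptions; a pin of exactly 0.12.0 is flagged for manual verification because the article names 0.12.0 as the affected boundary and 0.12.1 as the fixed release.

```python
import re

# Thresholds from the article: releases before 0.12.0 are affected and
# 0.12.1 is the release named as carrying the fixes.
AFFECTED_BELOW = (0, 12, 0)
FIXED_IN = (0, 12, 1)
PACKAGE = "megatron-core"  # assumption: name used in the inventory
_VERSION = re.compile(r"^(\d+(?:\.\d+)*)(.*)$")
_PRE = re.compile(r"^[.\-_]?(a|b|rc|dev)")

def parse_version(text):
    """Return ((major, minor, patch), is_prerelease), or None if unparseable."""
    m = _VERSION.match(text.strip())
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")][:3]
    parts += [0] * (3 - len(parts))
    return tuple(parts), bool(_PRE.match(m.group(2).lower()))

def classify(version_text):
    """Return 'affected', 'patched', 'verify' or 'unknown' for one version."""
    parsed = parse_version(version_text)
    if parsed is None:
        return "unknown"
    release, pre = parsed
    # A pre-release of X sorts before X itself.
    if release < AFFECTED_BELOW or (release == AFFECTED_BELOW and pre):
        return "affected"
    if release > FIXED_IN or (release == FIXED_IN and not pre):
        return "patched"
    return "verify"  # falls between the two version numbers the article gives

def triage(lines):
    """Map host -> status for 'host package==version' inventory lines."""
    report = {}
    for line in lines:
        fields = line.split()
        if len(fields) == 2 and "==" in fields[1]:
            name, _, version = fields[1].partition("==")
            if name.lower().replace("_", "-") == PACKAGE:
                report[fields[0]] = classify(version)
    return report

# Constructed sample inventory, not real hosts.
SAMPLE = ["train-01 megatron-core==0.11.0", "train-02 megatron_core==0.12.1",
          "eval-01 torch==2.3.0", "eval-02 megatron-core==0.12.0rc3"]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Hosts reported as `unknown` (for example a source checkout pinned to a branch name) need to be checked by hand against the patched release.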

The security issues were responsibly disclosed by researchers Yu Rong and Hao Fan, who have been acknowledged by NVIDIA for their contributions.

As AI adoption accelerates, the security of foundational frameworks like Megatron-LM becomes increasingly critical.

Organizations leveraging Megatron-LM should prioritize patching to maintain the integrity of their AI infrastructure and protect sensitive assets.
