Safe Harbor or Hostile Waters - Unveiling the Hidden Perils of the TorchScript Engine in PyTorch
-
58
-
- Write review
Learn AI, Data Science & Business — Earn Certificates That Get You Hired
The Fastest Way to Become a Backend Developer Online
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore a critical security vulnerability discovered in PyTorch's TorchScript engine through this 37-minute Black Hat conference presentation. Delve into the research that challenged the long-held belief that PyTorch's weights_only=True parameter provides complete security when loading models. Learn how security researchers from Alibaba Cloud uncovered that torch.load with weights_only=True still supports TorchScript, leading to the discovery of multiple vulnerabilities that enable Remote Code Execution (RCE). Understand the methodology behind discovering CVE-2025-32434, which overturns established security assumptions about PyTorch model loading. Examine the profound implications this vulnerability has for AI applications and machine learning security practices. Gain insights into the research process that led to this discovery and understand why seemingly safe security measures can still harbor hidden dangers in popular deep learning frameworks.
Syllabus
Safe Harbor or Hostile Waters: Unveiling the Hidden Perils of the TorchScript Engine in PyTorch
Taught by
Black Hat