{"id":"CVE-2026-49121","summary":"AI Tensor Engine for ROCm (AITER) 0.1.14 Unauthenticated RCE via MessageQueue.recv() Pickle Deserialization","details":"AI Tensor Engine for ROCm (AITER) through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv() function within shm_broadcast.py that allows unauthenticated remote attackers to execute arbitrary code by sending a malicious pickle payload to a ZMQ SUB socket with no authentication, HMAC, or format validation. Attackers who can reach the writer XPUB endpoint on the cluster network or supply a forged Handle with an attacker-controlled remote_subscribe_addr can deliver a crafted pickle payload that executes arbitrary code simultaneously as the inference worker process on every remote reader worker.","modified":"2026-07-08T08:18:42.254177318Z","published":"2026-06-01T17:09:18.607Z","database_specific":{"cna_assigner":"VulnCheck","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/49xxx/CVE-2026-49121.json","cwe_ids":["CWE-502"]},"references":[{"type":"WEB","url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-49121.json"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2026-49121"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/49xxx/CVE-2026-49121.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-49121"},{"type":"ADVISORY","url":"https://www.vulncheck.com/advisories/ai-tensor-engine-for-rocm-aiter-unauthenticated-rce-via-messagequeue-recv-pickle-deserialization"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2483882"},{"type":"REPORT","url":"https://github.com/ROCm/aiter/issues/3076"},{"type":"REPORT","url":"https://github.com/ROCm/aiter/pull/3170"},{"type":"PACKAGE","url":"https://github.com/ROCm/aiter"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rocm/aiter","events":[{"introduced":"0"},{"last_affected":"bd0534e9630f8f142f51689f5808c627460e35bf"}],"database_specific":{"source":["AFFECTED_FIELD","CPE_RANGE"],"extracted_events":[{"introduced":"0"},{"last_affected":"0.1.14"}],"cpe":"cpe:2.3:a:amd:aiter:*:*:*:*:*:*:*:*"}}],"versions":["v0.1.14","v0.1.12.post1","v0.1.14-rc0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-49121.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}]}