Bug 2491578 (CVE-2026-54233)

Summary: CVE-2026-54233 vllm: vLLM: Denial of Service via excessive memory allocation in audio transcription
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: alinfoot, bbrownin, dtrifiro, jkoehler, lphiri, rbryant, weaton
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker could exploit a vulnerability in the `/v1/audio/transcriptions` endpoint. By uploading a specially crafted compressed audio file, such as an OPUS file, the attacker could cause the system to allocate an excessive amount of memory during the decoding process. This uncontrolled memory allocation can lead to a Denial of Service (DoS) condition, making the service unavailable to legitimate users.
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2026-06-22 23:01:11 UTC
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compressed upload size but not decoded PCM output. A 25MB OPUS file expands to ~14.9GB of float32 PCM at decode time. This vulnerability is fixed in 0.23.1rc0.