CVE-2025-62609: 
Python vulnerability analysis and mitigation

CVE-2025-62609 is a vulnerability discovered in MLX library affecting versions <=0.29.3, disclosed on November 21, 2025. The vulnerability involves a wild pointer dereference in the load_gguf() function when loading GGUF files, which can lead to application crashes (GitHub Advisory). The issue has been assigned a moderate severity rating with a CVSSv3 score of 5.3 (Red Hat Security).

The vulnerability exists in mlx/io/gguf.cpp within the extracttensordata() function at lines 59-79. The issue stems from an untrusted pointer from the external gguflib library being dereferenced without proper validation during a memcpy operation. The vulnerable code performs a memory copy operation using tensor->weights_data without validating the pointer, which can result in a segmentation fault when processing maliciously crafted GGUF files (GitHub Advisory).

When exploited, this vulnerability results in a segmentation fault that cannot be caught by exception handlers. The issue affects MLX users on all platforms who call the vulnerable method with unsanitized input, particularly when processing GGUF files from untrusted sources (GitHub Advisory).

The vulnerability has been patched in version 0.29.4. The fix includes adding pointer validation before the memcpy operation by checking if tensor->weights_data is NULL and throwing a runtime error if the validation fails (GitHub Advisory).

The vulnerability was discovered and reported by security researchers from ARIMLABS, including Markiyan Melnyk, Mykyta Mudryi, and Markiyan Chaklosh (GitHub Advisory).