Unbounded Frame Count in video/jpeg Base64 Data URL Processing Leads to OOM DoS in vllm-project/vllm
vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS) attack due to unbounded frame count processing in the `VideoMediaIO.load_base64()` method. When processing `video/jpeg` data URLs, the method splits the base64 data string on commas to extract individual JPEG frames without enforcing a frame count limit. An attacker can exploit this by crafting a single API request containing thousands of comma-separated base64-encoded JPEG frames in a data URL, causing the server to decode all frames into memory and crash due to excessive memory consumption. This vulnerability is reachable via the OpenAI-compatible chat completions API and does not require authentication.
2. vllm: vLLM: Denial of Service via unbounded video frame processing
A flaw was found in vLLM. An attacker can exploit this vulnerability by sending a specially crafted API request containing an excessive number of base64-encoded JPEG frames within a data URL. This unbounded processing of frames in the `VideoMediaIO.load_base64()` method leads to an Out-of-Memory (OOM) condition, causing the server to crash and resulting in a Denial of Service (DoS).
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.