From e8a1ecbee721f48dcfa0ff9a20f4bfc423636ed6 Mon Sep 17 00:00:00 2001 From: tuanaiseo Date: Tue, 7 Apr 2026 06:15:58 +0700 Subject: [PATCH] fix(security)(accelerate): unverified remote wheel installation enables suppl The helper installs `torch_xla` directly from a remote URL using `pip install` without pinning a hash/signature. If the wheel source is tampered with, users can execute attacker-controlled code during installation. Affected files: torch_xla.py Signed-off-by: tuanaiseo <221258316+tuanaiseo@users.noreply.github.com> --- src/accelerate/utils/torch_xla.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/accelerate/utils/torch_xla.py b/src/accelerate/utils/torch_xla.py index 140133926c2..fdcba097847 100644 --- a/src/accelerate/utils/torch_xla.py +++ b/src/accelerate/utils/torch_xla.py @@ -44,8 +44,7 @@ def install_xla(upgrade: bool = False): # get the current version of torch torch_version = importlib.metadata.version("torch") torch_version_trunc = torch_version[: torch_version.rindex(".")] - xla_wheel = f"https://storage.googleapis.com/tpu-pytorch/wheels/colab/torch_xla-{torch_version_trunc}-cp37-cp37m-linux_x86_64.whl" - xla_install_cmd = ["pip", "install", xla_wheel] + xla_install_cmd = ["pip", "install", f"torch_xla=={torch_version_trunc}"] subprocess.run(xla_install_cmd, check=True) else: raise RuntimeError("`install_xla` utility works only on google colab.")