What happened
vLLM's audio endpoints read the entire uploaded file into memory prior to enforcing the configured maximum file size, defeating the purpose of the limit and enabling a memory-exhaustion denial of service.
Why it matters
A narrow but real DoS vector against a specific vLLM feature (audio transcription) already fixed within a point release; low blast radius relative to the other vLLM CVEs in this batch but still worth tracking for anyone on 0.22.0–0.23.0.
Attack vector
The audio transcription/translation routes call request.file.read() to fully materialize an uploaded audio file into memory before vLLM checks the documented VLLM_MAX_AUDIO_CLIP_FILESIZE_MB limit, letting an attacker upload an oversized file to exhaust server memory before the size check rejects it.
Affected systems
vLLM, versions 0.22.0 to 0.23.0
Mitigation
Upgrade to vLLM >= 0.24.0, which enforces the file-size limit before full materialization.