Fixed arbitary code execution on tensorflow/tpu

[Asjidkalam]

📊 Metadata *

Arbitrary code exec vulnerability

Bounty URL: https://www.huntr.dev/bounties/1-other-tpu

⚙️ Description *

Arbitrary Code Excecution in tensorflow/tpu.This repository is a collection of reference models and tools used with Cloud TPUs

💻 Technical Description *

This package was vulnerable to Arbitrary code execution due to a use of a known vulnerable function load() in pyyaml. Changing that to safe_load or using SafeLoader will fix the issue.

🐛 Proof of Concept (PoC) *

Install the package and run the below code:

// poc.js
import params_dict
exploit = params_dict.read_yaml_to_params_dict('exploit.yml')
print(exploit)

//exploit.yml
!!python/object/new:type
  args: ["z", !!python/tuple [], {"extend": !!python/name:exec }]
  listitems: "__import__('os').system('xcalc')"

🔥 Proof of Fix (PoF) *

After applying the fix, run the PoC again, calc wont pop and no code will be executed. Hence code exec is mitigated.

👍 User Acceptance Testing (UAT)

Only safe_load is used, which is the safer function, no breaking changes introduced.

[mzfr]

LGTM!

[Mik317]

LGTM 😄 🍰

Cheers,
Mik

[huntr-helper]

Congratulations Asjidkalam - your fix has been selected! 🎉

Thanks for being part of the community & helping secure the world's open source code.
If you have any questions, please respond in the comments section, or hit us up on Discord. Your bounty is on its way - keep hunting!

Come join us on Discord