Описание
qiskit_ibm_runtime.RuntimeDecoder can execute arbitrary code
Summary
deserializing json data using qiskit_ibm_runtime.RuntimeDecoder can be made to execute arbitrary code given a correctly formatted input string
Details
RuntimeDecoder is supposed to be able to deserialize JSON strings containing various special types encoded via RuntimeEncoder. However, one can structure a malicious payload to cause the decoder to spawn a subprocess and execute arbitrary code, exploiting this block of code: https://github.com/Qiskit/qiskit-ibm-runtime/blob/16e90f475e78a9d2ae77daa139ef750cfa84ca82/qiskit_ibm_runtime/utils/json.py#L156-L159
PoC
(where obviously "echo hi" can be replaced with something much more malicious)
notably the following also makes it through the runtime API, with malicious_data serialized client-side via RuntimeEncoder (and therefore presumably deserialized server-side via RuntimeDecoder?)
Impact
i don't know if qiskit_ibm_runtime.RuntimeDecoder is used server-side so this may or may not be a serious vulnerability on your end (however it's definitely a security hole for anyone using the library to deserialize third-party data)
Ссылки
- https://github.com/Qiskit/qiskit-ibm-runtime/security/advisories/GHSA-x4x5-jv3x-9c7m
- https://nvd.nist.gov/vuln/detail/CVE-2024-29032
- https://github.com/Qiskit/qiskit-ibm-runtime/commit/b78fca114133051805d00043a404b25a33835f4d
- https://github.com/Qiskit/qiskit-ibm-runtime/blob/16e90f475e78a9d2ae77daa139ef750cfa84ca82/qiskit_ibm_runtime/utils/json.py#L156-L159
Пакеты
qiskit-ibm-runtime
>= 0.1.0, < 0.21.2
0.21.2
Связанные уязвимости
Qiskit IBM Runtime is an environment that streamlines quantum computations and provides optimal implementations of the Qiskit quantum computing SDK. Starting in version 0.1.0 and prior to version 0.21.2, deserializing json data using `qiskit_ibm_runtime.RuntimeDecoder` can lead to arbitrary code execution given a correctly formatted input string. Version 0.21.2 contains a fix for this issue.