The vulnerability occurs when a worker node serializes and sends a Python User Defined Function (PythonUDF) to the master node. The master node then deserializes and executes the function without proper validation. This lack of restriction on function calls enables remote attackers to compromise master nodes, leading to potential theft of sensitive AI-related data.
According to a NIST advisory, this vulnerability allows worker nodes to serialize and package functions and tensors into a PythonUDF, which is then sent to the master node. The master node’s deserialization process and subsequent function execution can be exploited to perform remote code execution using functions like ‘eval’.
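The advisory's core point is that the master resolves and calls whatever function reference arrives in the deserialized payload. The following is an added illustration written for this page, not PyTorch's own RPC code: a toy worker/master exchange built on the standard `pickle` module, with the unsafe "deserialize and call" pattern next to a hardened receiver whose `find_class` hook only resolves callables on a constructed allowlist. The payload layout, the allowlist contents and the helper names are assumptions for the example.

```python
import io
import math
import pickle

# Constructed allowlist of the only (module, name) pairs the receiving side may
# resolve from a serialized "user defined function". PyTorch's RPC layer has its
# own registration mechanism; this set is a hypothetical stand-in.
ALLOWED_CALLABLES = {
    ("math", "sqrt"),
    ("math", "hypot"),
    ("math", "fsum"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global not on the allowlist.

    pickle resolves function references by (module, name) through find_class,
    so overriding it is the choke point where the receiver decides which
    functions can exist in the deserialized object at all.
    """

    def find_class(self, module, name):
        if (module, name) in ALLOWED_CALLABLES:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve {module}.{name}: not an allowlisted callable"
        )


def serialize_udf(func, args):
    """Worker side: package a function reference and its arguments (assumed layout)."""
    return pickle.dumps({"fn": func, "args": tuple(args)})


def execute_udf_unsafely(payload):
    """Master side, the unsafe pattern: deserialize and call whatever arrived."""
    msg = pickle.loads(payload)
    return msg["fn"](*msg["args"])


def execute_udf_restricted(payload):
    """Master side, hardened: only allowlisted callables can be resolved or called."""
    msg = RestrictedUnpickler(io.BytesIO(payload)).load()
    fn = msg["fn"]
    # Second check on the resolved object itself, so a later loosening of the
    # unpickler cannot silently widen what the master is willing to execute.
    if (getattr(fn, "__module__", None), getattr(fn, "__name__", None)) not in ALLOWED_CALLABLES:
        raise ValueError("deserialized object is not an allowlisted callable")
    return fn(*msg["args"])


def benign_payload():
    """Constructed payload carrying an allowlisted function."""
    return serialize_udf(math.sqrt, [16.0])


def eval_payload():
    """Constructed payload of the kind the advisory describes: a reference to builtins.eval."""
    return serialize_udf(eval, ["1 + 1"])


def restricted_outcome(payload):
    """Run the hardened receiver and report ("ok", result) or ("rejected", reason)."""
    try:
        return ("ok", execute_udf_restricted(payload))
    except (pickle.UnpicklingError, ValueError) as exc:
        return ("rejected", str(exc))


if __name__ == "__main__":
    print("unsafe receiver, benign payload:", execute_udf_unsafely(benign_payload()))
    print("unsafe receiver, eval payload:  ", execute_udf_unsafely(eval_payload()))
    print("hardened receiver, benign:      ", restricted_outcome(benign_payload()))
    print("hardened receiver, eval:        ", restricted_outcome(eval_payload()))
```

The hardened receiver rejects the `eval` payload before any object is constructed, because the refusal happens inside `find_class` while the stream is still being read; the unsafe receiver happily evaluates it. An allowlist of registered callables is the general shape of the fix the advisory calls for, whatever serialization layer a framework uses.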
CVE-2024-5480 has been assigned a CVSS score of 10, the highest severity rating. It impacts PyTorch versions up to 2.2.2, and users are strongly advised to upgrade to the latest version, 2.3.1, to mitigate this risk. The vulnerability was reported on April 12, 2024, highlighting the urgent need for organizations using PyTorch in distributed training environments to implement the necessary security updates.
This critical vulnerability underscores the importance of robust security measures in AI and machine learning frameworks. As AI models and training data become increasingly valuable targets, organizations must prioritize regular updates, thorough testing, and proactive monitoring to protect against such severe security threats.
Source: SecurityWeek
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA (www.infrascan.net), or you can try it yourself using check.website.