DeepJavaLibrary (DJL) is a widely used engine-agnostic deep learning framework in Java. It is designed to facilitate developing and deploying deep learning models seamlessly and efficiently. With the increasing adoption and importance of the DJL framework, the security of the framework has become a critical consideration for developers and users alike.
Recently, a vulnerability was discovered in DJL versions .1. through .27., affecting the handling of absolute path archived artifacts. This vulnerability has been assigned the CVE identifier CVE-2024-37902.
What is the vulnerability?
The vulnerability occurs due to the improper handling of absolute path archived artifacts in DJL versions .1. through .27.. When extracting files from an archived artifact, DJL does not check the validity of the extracted file's path, allowing a malicious archive to include files with absolute paths. This can lead to malicious files overwriting critical system files, effectively granting potential attackers full control over the affected system.
Here is a proof-of-concept (PoC) code snippet which demonstrates the vulnerability
import ai.djl.Application;
import ai.djl.Model;
import ai.djl.repository.zoo.ModelZoo;
public class CVE_2024_37902_Exploit {
public static void main(String[] args) throws Exception {
Model model = ModelZoo.loadModel(Application.CV.IMAGE_CLASSIFICATION, "malicious.tar.gz");
// The model is loaded with the malicious artifact at "malicious.tar.gz", causing an exploitation of the vulnerability
}
}
In this code snippet, the malicious archive malicious.tar.gz is loaded into the model. Since DJL doesn't check the validity of the extracted file's path, files with the absolute path inside the archive will overwrite the system files, leading to the exploit.
Solution and mitigation
The DJL development team has addressed this vulnerability by releasing a patch in version .28.. Additionally, the patched version for the DJL Large Model Inference containers is .27.. Users should upgrade to these versions to eliminate the vulnerability.
For more information on this vulnerability, below are some relevant links
- Original CVE Announcement
- DJL GitHub Repository
- DJL Release Notes
In conclusion, if you are a user of DJL, make sure to update your projects with the patched version .28. or later, and if you are using DJL Large Model Inference containers, make sure to use version .27. or later. Adhering to proper security practices and ensuring the use of the latest stable releases of libraries and frameworks are necessary to protect your projects from potential threats and vulnerabilities.
Timeline
Published on: 06/17/2024 20:15:14 UTC
Last modified on: 06/20/2024 12:44:22 UTC