Advisory

Critical vulnerability in PyTorch distributed RPC framework

Take action: If you use PyTorch for distributed training, plan to patch quickly. For everyone else, it is wise to apply the PyTorch patch, but there is no need to panic.


PyTorch, a widely used machine learning library, has addressed a critical vulnerability that could be exploited for remote code execution.

The flaw, tracked as CVE-2024-5480 (CVSS score 10), affects the library's distributed RPC (Remote Procedure Call) framework. The vulnerability is caused by the framework's failure to verify functions called during RPC operations, allowing remote attackers to execute arbitrary commands on master nodes, potentially leading to the theft of sensitive AI-related data.

The vulnerability is located in the torch.distributed.rpc component of PyTorch, which facilitates inter-process communication in distributed training scenarios. In these scenarios, tasks are distributed among multiple worker nodes controlled by a master node. The framework does not restrict function calls when a worker node serializes a PythonUDF (User Defined Function) and sends it to the master node. The master node then deserializes and executes the function without validation, allowing an attacker to execute arbitrary commands using built-in Python functions like eval.

Affected versions are PyTorch 2.2.2 and prior.

Remote attackers can exploit this vulnerability to compromise master nodes initiating distributed training. This could result in the theft of sensitive AI-related data, including training data, model parameters or sensitive business data used in model training.

PyTorch has released a patch in version 2.3.1 that addresses this vulnerability. Users are strongly advised to update to the latest version.
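As an added example (not PyTorch's code and not part of the original advisory), the following triage helper applies the version bounds and the component name given above to decide how urgently a host needs the update. The function names and the priority labels ("patch-now", "patch-routine", "review", "ok") are hypothetical, and the sample source is constructed.

```python
import ast
import re

LAST_AFFECTED = (2, 2, 2)  # advisory: 2.2.2 and prior are affected
FIRST_PATCHED = (2, 3, 1)  # advisory: patch released in 2.3.1
RPC_MODULE = "torch.distributed.rpc"
SAMPLE_TRAINER = (  # constructed sample source, parsed only, never executed
    "import torch\n"
    "from torch.distributed import rpc\n"
    "rpc.init_rpc('worker0', rank=0, world_size=2)\n"
)

def classify_version(version):
    """Return 'affected', 'patched' or 'unknown' (suffixes like +cu121 are ignored)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version.strip())
    if not m:
        return "unknown"
    parsed = tuple(int(p or 0) for p in m.groups())
    if parsed <= LAST_AFFECTED:
        return "affected"
    if parsed >= FIRST_PATCHED:
        return "patched"
    return "unknown"  # e.g. 2.3.0: the advisory does not state its status

def rpc_usage(source):
    """Return sorted line numbers that import or reference torch.distributed.rpc."""
    hits = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            names = [a.name for a in node.names]
        elif isinstance(node, ast.ImportFrom) and node.module:
            names = [node.module] + [f"{node.module}.{a.name}" for a in node.names]
        elif isinstance(node, ast.Attribute):
            names = [ast.unparse(node)]
        else:
            continue
        if any(n == RPC_MODULE or n.startswith(RPC_MODULE + ".") for n in names):
            hits.add(node.lineno)
    return sorted(hits)

def triage(version, source):
    """Map version status and RPC usage to a hypothetical priority label."""
    status = classify_version(version)
    if status != "affected":
        return "ok" if status == "patched" else "review"
    return "patch-now" if rpc_usage(source) else "patch-routine"

if __name__ == "__main__":
    print(triage("2.2.2+cu121", SAMPLE_TRAINER), rpc_usage(SAMPLE_TRAINER))
```

In practice the version string would come from `torch.__version__` on each host and the source text from the training scripts deployed there.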

By addressing this vulnerability promptly, PyTorch has taken a crucial step in securing its framework and protecting the data integrity of its users in the AI and machine learning community.