CVE-2024-3568 LOW

CVE-2024-3568: Arbitrary Code Execution via Deserialization in huggingface/transformers

Vendor Huggingface

Product huggingface/transformers

Weakness CWE-502 · Unsafe deserialization

Published April 10, 2024

Last update August 1, 2024

View on NVD All CVEs

CVSS base score

3.4/10

Attack vector Network

Attack complexity High

Privileges required None

User interaction Required

Confidentiality None

Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L

What the vulnerability does

01Description

The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine.

Key dates

02Disclosure timeline

April 10, 2024 CVE published

August 1, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-3568 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/502.html

Related vulnerabilities

Identifiers

CVE CVE-2024-3568

CWE CWE-502

CVSS 3.4 / LOW

Affected versions