Plataforma
python
Componente
llama_index
Corrigido em
0.10.24
A critical Remote Code Execution (RCE) vulnerability (CVE-2024-3098) has been identified in LlamaIndex versions up to 0.10.24. This flaw stems from insufficient input validation within the safeeval function of the executils class, allowing attackers to inject malicious prompts. Successful exploitation can bypass method restrictions and lead to the execution of arbitrary code on the affected system, effectively creating a file.
The impact of CVE-2024-3098 is severe. An attacker can leverage prompt injection to execute arbitrary code, potentially gaining complete control over the system running LlamaIndex. This includes the ability to read, write, and execute files, install malware, and compromise sensitive data. The vulnerability bypasses previous mitigations for CVE-2023-39662, indicating a sophisticated attack surface. The demonstrated proof-of-concept involves creating files on the system, highlighting the potential for persistent compromise and data exfiltration. The blast radius extends to any application or service relying on vulnerable LlamaIndex instances.
CVE-2024-3098 is a high-priority vulnerability due to its CRITICAL CVSS score and the demonstrated proof-of-concept. It was publicly disclosed on April 10, 2024. The vulnerability bypasses previous mitigations for CVE-2023-39662, suggesting a potential for broader exploitation. No KEV listing or active exploitation campaigns have been publicly confirmed as of this writing, but the ease of exploitation and the severity of the impact warrant immediate attention.
Organizations utilizing LlamaIndex for applications involving natural language processing, data indexing, and question answering are at risk. This includes developers building AI-powered chatbots, knowledge retrieval systems, and other applications that rely on LlamaIndex's functionality. Specifically, those using older versions of LlamaIndex or those with less stringent input validation practices are particularly vulnerable.
• python / server:
import os
import subprocess
# Check for LlamaIndex version
process = subprocess.Popen(['pip', 'show', 'llama-index'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
if b'Version:' in stdout:
version_line = stdout.splitlines()[stdout.index(b'Version:') + 1]
version = version_line.decode('utf-8').strip()
if version <= '0.10.24':
print(f'Vulnerable LlamaIndex version detected: {version}')• linux / server:
ps aux | grep llama_index
# Look for unusual processes or arguments• generic web: Inspect LlamaIndex API endpoints for prompt injection vulnerabilities. Test with specially crafted prompts designed to execute system commands.
disclosure
patch
Status do Exploit
EPSS
0.19% (percentil 41%)
CISA SSVC
Vetor CVSS
The primary mitigation for CVE-2024-3098 is to immediately upgrade LlamaIndex to version 0.10.24 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing strict input validation and sanitization on all prompts passed to LlamaIndex. While a WAF or proxy cannot directly prevent prompt injection, they can be configured to detect and block suspicious patterns. Monitor system logs for unusual file creation activity or unexpected process executions. Review and restrict the permissions granted to the LlamaIndex process to minimize potential damage in case of exploitation.
Atualize a biblioteca `llama_index` para a versão 0.10.24 ou superior. Isso corrigirá a vulnerabilidade de injeção de prompt que permite a execução de código arbitrário. Utilize o gerenciador de pacotes pip para realizar a atualização: `pip install llama_index --upgrade`.
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2024-3098 is a critical Remote Code Execution vulnerability in LlamaIndex versions up to 0.10.24. It allows attackers to execute arbitrary code through prompt injection due to insufficient input validation.
You are affected if you are using LlamaIndex version 0.10.24 or earlier. Upgrade to 0.10.24 or later to mitigate the risk.
The recommended fix is to upgrade LlamaIndex to version 0.10.24 or later. If upgrading is not possible, implement strict input validation and sanitization.
While no active exploitation campaigns have been publicly confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of future exploitation.
Refer to the LlamaIndex security advisory for detailed information and updates: [https://github.com/run-llama/llamaindex/security/advisories/GHSA-9835-5946-4997](https://github.com/run-llama/llamaindex/security/advisories/GHSA-9835-5946-4997)
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.
Envie seu arquivo requirements.txt e descubra na hora se você está afetado.