imartinez/privategpt 中的本地文件包含漏洞

该本地文件包含漏洞的潜在影响非常严重。攻击者可以利用该漏洞读取私有 SSH 密钥，从而获得对服务器的完全控制权。此外，攻击者还可以访问和泄露其他敏感文件，例如数据库凭据、配置文件和源代码。源代码泄露将使攻击者能够识别和利用其他漏洞，从而进一步扩大攻击范围。该漏洞的爆发可能导致数据泄露、服务中断和声誉受损。

Organizations and individuals utilizing privategpt, particularly those deploying it in environments with sensitive data or SSH keys, are at risk. Shared hosting environments where multiple users share the same server instance are particularly vulnerable, as an attacker could potentially compromise the entire environment through this vulnerability. Users relying on privategpt for processing confidential documents are also at increased risk.

• python: Monitor file system access logs for unusual read attempts targeting files outside of expected directories.

import os
import logging

logging.basicConfig(filename='filesystem_access.log', level=logging.INFO)

def check_file_access(filepath):
    try:
        with open(filepath, 'r') as f:
            content = f.read()
        logging.info(f'Accessed: {filepath}')
    except Exception as e:
        logging.warning(f'Error accessing {filepath}: {e}')

# Example usage (replace with your file paths)
check_file_access('/etc/shadow')

• linux / server: Use auditd to monitor file access events, specifically focusing on the privategpt process.

ausearch -m audit -k privategpt_file_access | less

• generic web: Examine web server access logs for requests containing suspicious filenames or paths in the file upload parameters. Look for patterns indicative of directory traversal attempts.

1. 2024-05-16Disclosure

   disclosure

1. 已保留2024-04-05
2. 发布日期2024-05-16
3. 修改日期2024-08-01
4. EPSS 更新日期2026-04-02

由于该漏洞是本地文件包含，直接升级到修复版本是首选的缓解措施。如果升级导致系统不稳定，可以考虑回滚到之前的稳定版本，并严格限制文件上传功能。实施严格的文件验证和过滤，确保只允许上传预期类型的文件。配置 Web 应用防火墙 (WAF) 或代理服务器，以检测和阻止恶意文件上传请求。监控系统日志，查找可疑的文件访问活动。