The current version of the popular NumPy library relies on unsafe default usage of a Python module that could lead to remote code execution in the context of the affected application.
The issue was raised on January 16 and affects NumPy versions 1.10 (released in 2015) through 1.16, which is the latest release at the moment, released on January 14. Efforts are underway to deliver a fix.
NumPy is one of the most popular Python libraries used in scientific computing. It is also a multi-dimensional container of generic data, which allows integration with multiple databases.
Default setting opens door to risk
The problem is with the ‘pickle‘ module, which is used for transforming Python object structures into a format that can be stored on disk or in databases, or that allows delivery across a network.
The issue was reported by security researcher Sherwel Nan, who says that if a Python application loads malicious data via the ‘numpy.load’ function an attacker can obtain remote code execution on the machine.
Loading pickled object arrays in npy files is allowed by default. The NumPy developer’s manual clearly mentions security concerns for allowing ‘pickles,’ “as loading pickled data can execute arbitrary code.” However, if pickles are disallowed, loading object arrays will no longer be possible.
The ‘allow_pickle’ parameter was introduced in NumPy 1.10 and the development team is working on a fix.
Nan told internetnewsblog that when using the ‘numpy.load’ function with the ‘allow_pickle’ parameter users should default its value to ‘False’ if they are not sure if the data is safe.
The maintainers of the project also suggest to change the default value for the ‘allow_pickle’ parameter to ‘False’ in NumPy 1.17 and display a warning when importing datasets from the internet, so that users can allow the action only if they trust the data.
Critical severity rating
The bug reported by Nan is now tracked as CVE-2019-6446 and is marked as critical, with a severity score of 9.8 out of 10, as per the Common Vulnerability Scoring System (CVSS) version 3.
The library is typically available from the official package repositories of Linux-based distributions, especially those for enterprises. SUSE security engineer Alexandros Toptsoglou says that the bug affects SUSE Linux Enterprise 15 and the SUSE Linux Enterprise 12 Service Pack 2.
NumPy is available for various Linux distributions using the RPM Package Manager (RPM). NumPy RPM mantainers are open to adding a warning very soon so that it is present in version 1.17 of the library if concerns are high enough to warrant such a move.
“If someone is extremely concerned, we could discuss backporting it or moving quicker, but that would depend a lot on whether or not downstream depends on it,” said Sebastian Berger.