Kingdom: Input Validation and Representation
Input validation and representation problems are caused by metacharacters, alternate encodings and numeric representations. Security problems result from trusting input. The issues include: "Buffer Overflows," "Cross-Site Scripting" attacks, "SQL Injection," and many others.
Dynamic Code Evaluation: Unsafe TensorFlow Deserialization
Abstract
Allowing unsafe deserialization in TensorFlow can enable arbitrary code execution through lambdas, posing significant security risks to applications.
Explanation
When using TensorFlow, enable_unsafe_deserialization() allows an attacker to deserialize lambdas or other Python callable objects. While this feature is useful for flexibility and restoring complex models, it opens up vulnerabilities if the serialized data can be.
Example 1: The following Python code illustrates how enabling unsafe deserialization can be exploited if the serialized data is not secure:
import tensorflow as tf

# Disables Keras safe mode, so Lambda layers whose Python function was
# serialized as marshalled bytecode are reconstructed during load.
tf.keras.config.enable_unsafe_deserialization()

# Any code embedded in the file runs while the model is rebuilt or invoked.
model = tf.keras.models.load_model('evilmodel_tf.keras')
model([])
This example demonstrates the potential danger when enable_unsafe_deserialization() is used without ensuring that the source of the data is completely secure.
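The defensive counterpart to the example above is to keep safe mode on and to refuse untrusted archives that would need it turned off. The following added example (not part of this description, nor TensorFlow's or Keras' own code) is a pre-load gate that inspects a .keras archive before load_model is ever called. It assumes the Keras 3 archive layout (a zip file containing config.json) and the way Keras serializes a Lambda layer's function as a "__lambda__" entry carrying a base64-marshalled "code" field; both are assumptions about the file format. The two archives it scans are constructed in a temporary directory, not real models, and need no TensorFlow installation to run.

```python
"""Pre-load gate for .keras model archives (added example, not TensorFlow's code).

Assumptions: a .keras file is a zip containing config.json, and a Lambda layer
serializes its Python function under class_name "__lambda__" with a "code" field.
The sample archives are constructed below; "code" holds a placeholder string.
"""
import json
import tempfile
import zipfile
from pathlib import Path

# Markers that only appear when a model carries Python callables, i.e. content
# that load_model() can only restore once safe mode has been disabled.
UNSAFE_CLASS_NAMES = {"Lambda", "__lambda__"}


def _walk(node, path, findings):
    """Recursively record JSON paths whose class_name indicates embedded code."""
    if isinstance(node, dict):
        cls = node.get("class_name")
        if cls in UNSAFE_CLASS_NAMES:
            findings.append(f"{path}: class_name={cls}")
        for key, value in node.items():
            _walk(value, f"{path}/{key}", findings)
    elif isinstance(node, list):
        for i, value in enumerate(node):
            _walk(value, f"{path}[{i}]", findings)


def find_embedded_callables(archive_path):
    """Return the locations in config.json that would require unsafe deserialization."""
    with zipfile.ZipFile(archive_path) as zf:
        config = json.loads(zf.read("config.json"))
    findings = []
    _walk(config, "config.json", findings)
    return findings


def is_safe_to_load(archive_path):
    """True when the archive contains no Lambda/__lambda__ entries."""
    return not find_embedded_callables(archive_path)


def _write_archive(path, layers):
    """Constructed sample: a minimal config.json inside a zip, mimicking the .keras layout."""
    config = {"module": "keras", "class_name": "Functional",
              "config": {"name": "sample", "layers": layers}}
    with zipfile.ZipFile(path, "w") as zf:
        zf.writestr("metadata.json", json.dumps({"keras_version": "3.x"}))
        zf.writestr("config.json", json.dumps(config))


def build_samples(directory):
    """Create one clean and one Lambda-bearing archive; return their paths."""
    directory = Path(directory)
    clean = directory / "clean.keras"
    risky = directory / "lambda.keras"
    dense = {"module": "keras.layers", "class_name": "Dense",
             "config": {"name": "dense", "units": 4}}
    # Shape of a serialized Lambda layer (assumed); the code field is a placeholder.
    lam = {"module": "keras.layers", "class_name": "Lambda",
           "config": {"name": "lambda", "function":
                      {"class_name": "__lambda__",
                       "config": {"code": "<base64 marshalled bytecode placeholder>",
                                  "defaults": None, "closure": None}}}}
    _write_archive(clean, [dense])
    _write_archive(risky, [dense, lam])
    return str(clean), str(risky)


def demo():
    """Scan both constructed archives and return the gate's verdicts."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, risky = build_samples(tmp)
        return {
            "clean": is_safe_to_load(clean),
            "lambda": is_safe_to_load(risky),
            "lambda_findings": len(find_embedded_callables(risky)),
        }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, verdict)
```

In a loading pipeline the gate runs first; an archive that fails it is rejected (or quarantined for review) rather than loaded with enable_unsafe_deserialization(), and archives that pass are still loaded with the default safe mode so that any marker the scanner does not know about is caught by Keras itself.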
desc.structural.python.dynamic_code_evaluation_unsafe_tensorflow_deserialization