6

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-8375

GHSA ID

GHSA-w69q-w4h4-2fx8

EPSS Score

0.16571%

CWE

CWE-502

Published

9/19/2024

Updated

9/19/2024

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-8375

CVE-2024-8375:
Reverb use after free vulnerability

There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance. Afterwards, Reverb copies the content in tensor_content to the previously mentioned pre-allocated memory, which results in the bytes in tensor_content overwriting the vtable pointers of all the objects which were previously allocated. Reverb exposes 2 relevant gRPC endpoints: InsertStream and SampleStream. The attacker can insert this stream into the server’s database, then when the client next calls SampleStream they will unpack the tensor into RAM, and when any method on that object is called (including its destructor) the attacker gains control of the Program Counter. We recommend upgrading past git commit https://github.com/google-deepmind/reverb/commit/6a0dcf4c9e842b7f999912f792aaa6f6bd261a25

(GitHub Advisory)

6

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-8375

GHSA ID

GHSA-w69q-w4h4-2fx8

EPSS Score

0.16571%

CWE

CWE-502

Published

9/19/2024

Updated

9/19/2024

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
dm-reverb	pip	<= 0.14.0
dm-reverb-nightly	pip	<= 0.15.0.dev20240214

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper handling of VARIANT dtype tensors during serialization/deserialization. The patch adds an IsSupported check to explicitly block VARIANT processing in these functions. Pre-patch versions lacked these safeguards, allowing: 1) Compression of VARIANT tensors (via CompressTensorAsProto) which stores malicious tensor_content, and 2) Decompression (via DecompressTensorFromProto) which reconstructs objects with overwritten vtable pointers. The direct modification of these functions in the security commit and added test cases confirm their central role in the exploit chain.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T**r* *xists * us* **t*r *r** vuln*r**ility in R*v*r*. R*v*r* supports t** V*RI*NT **t*typ*, w*i** is suppos** to r*pr*s*nt *n *r*itr*ry o*j**t in *++. W**n * t*nsor proto o* typ* V*RI*NT is unp**k**, m*mory is *irst *llo**t** to stor* t** *ntir* t*n

Reasoning

T** vuln*r**ility st*ms *rom improp*r **n*lin* o* `V*RI*NT` *typ* t*nsors *urin* s*ri*liz*tion/**s*ri*liz*tion. T** p*t** ***s *n `IsSupport**` ****k to *xpli*itly *lo*k `V*RI*NT` pro**ssin* in t**s* *un*tions. Pr*-p*t** v*rsions l**k** t**s* s****u*

6

Basic Information

Concerned about an active attack path?

CVE-2024-8375: Reverb use after free vulnerability

6

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2024-8375:
Reverb use after free vulnerability

Vulnerability Intelligence
Miggo AI