Impact
Dgl implements rpc server (start_server() in rpc_server.py) for supporting the RPC communications among different remote users over networks. It relies on pickle serialize and deserialize to pack and unpack network messages. The is a known risk in pickle deserialization functionality that can be used for remote code execution.
Patches
TBD.
Workarounds
When running DGL distributed training and inference (DistDGL) make sure you do not assign public IPs to any instance in the cluster.
References
Issue #7874
Reported by
Pinji Chen ([email protected]) from NISL lab (https://netsec.ccert.edu.cn/about) at Tsinghua University
Impact
Dgl implements rpc server (start_server() in rpc_server.py) for supporting the RPC communications among different remote users over networks. It relies on pickle serialize and deserialize to pack and unpack network messages. The is a known risk in pickle deserialization functionality that can be used for remote code execution.
Patches
TBD.
Workarounds
When running DGL distributed training and inference (DistDGL) make sure you do not assign public IPs to any instance in the cluster.
References
Issue #7874
Reported by
Pinji Chen ([email protected]) from NISL lab (https://netsec.ccert.edu.cn/about) at Tsinghua University