Listen to this Post
How the CVE Works
The identified ReDoS vulnerabilities in vLLM stem from inefficient regex patterns that exhibit catastrophic backtracking when processing malicious inputs. For example, the regex `r”\((.?)\)\$?$”` in `lora/utils.py` fails to handle nested parentheses efficiently, causing exponential time complexity with inputs like ((((a|)+)+)+). Similarly, `r’functools\[(.?)\]’` in `phi4mini_tool_parser.py` is vulnerable to crafted bracket sequences, while `r’.”parameters”:\s(.)’` and `r’\{.\}’` in other files risk excessive backtracking on long or malformed strings. Attackers can exploit these to stall CPU resources, leading to denial of service.
DailyCVE Form
Platform: vLLM
Version: <= 0.4.1
Vulnerability: ReDoS
Severity: Critical
Date: 2024-06-10
Prediction: Patch by 2024-07-15
What Undercode Say:
Exploitation Commands
1. Payload Crafting:
malicious_input = "(((" + "a|" 1000 + ")+)+)+)" Triggers ReDoS in lora/utils.py
2. Benchmark Attack:
curl -X POST http://vllm-server/chat -d '{"text": "{" + "x" 10000 + "}"}' Targets benchmark_serving_structured_output.py
Mitigation Code
1. Input Validation:
def safe_regex_match(text, max_len=100):
if len(text) > max_len:
raise ValueError("Input too long")
return re.match(r"(([^)]{1,100}))$", text) Stricter pattern
2. JSON Parsing Alternative:
import json
def extract_json_safely(text):
try:
return json.loads(text[text.find("{"):text.rfind("}")+1])
except ValueError:
return None
Analytics
- Attack Surface: High (public APIs, user-controlled inputs).
- Detection: Log regex timeouts (>2s) via
re.settimeout(2). - Hotfix: Temporarily disable vulnerable endpoints or enforce input length limits in NGINX:
location /api/chat { client_max_body_size 1k; }
Patch Guidance
- Replace greedy quantifiers (
.) with bounded ones (.{1,100}). - Use `re.compile()` with `re.DEBUG` to audit backtracking steps.
- Integrate regex static analysis tools (e.g.,
regexploit).
References
No additional commentary beyond rules.
Sources:
Reported By: github.com
Extra Source Hub:
Undercode
