BentoML Denial-of-Service Vulnerability via Multipart Boundary Processing

A denial-of-service (DoS) vulnerability has been identified in BentoML version v1.3.4post1. This issue arises in the file upload request, where an attacker can append a large number of characters, such as dashes, to the end of a multipart boundary in an HTTP request. The server then processes each character individually, leading to excessive resource consumption and causing the service to become unavailable. This vulnerability is unauthenticated, requires no user interaction, and affects all users of the service.

Impact

Exploitation of this vulnerability causes severe resource exhaustion on the server, overwhelming its capacity and leading to unresponsiveness. As a result, the service becomes unavailable to all users. This issue can be particularly problematic if the affected service is deployed on BentoCloud, where such attacks could disrupt live services.

Reproduction

The vulnerability can be reproduced by sending a multipart file upload request to an endpoint that processes file uploads. The request must include a multipart boundary that has been artificially extended with a large number of characters, such as dashes. This can be done using a Python script that utilizes the 'requests' library to send the modified multipart data to the server. The same approach can be applied to different endpoints that accept file uploads, such as '/encode_image', '/rank', or '/summarize'.