Feast Remote Code Execution Vulnerability in Kubernetes Materializer

Vulnerability

A remote code execution vulnerability has been identified in Feast version 0.53.0, specifically within the Kubernetes materializer job. The issue arises because the job deserializes its YAML configuration files with an unsafe loader, which lets a crafted document execute arbitrary OS commands on the worker pod. An attacker who can tamper with those YAML files exploits this because the files are deserialized before Feast validates them, potentially leading to severe consequences such as cluster takeover, data poisoning, and supply-chain sabotage.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the worker pod, with potential escalation to cluster-wide impacts. This could involve taking control of the pod, accessing internal APIs and secrets, or tampering with downstream machine learning models, leading to significant business disruptions.

Reproduction

The vulnerability can be reproduced by writing a malicious payload into the '/var/feast/feature_store.yaml' and '/var/feast/materialization_config.yaml' files. Once the payload is in place, running the Kubernetes materializer job triggers the deserialization of both files. The embedded OS commands execute before the configuration is validated, demonstrating the remote code execution impact.

Remediation

The vulnerability has been fixed in Feast version 0.54.0. Users should upgrade to this version or later.
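Until the upgrade to 0.54.0 is applied (and as defence in depth afterwards), the two files named above can be gated before any loader sees them. The following is an added example, not Feast's own code: a stdlib-only check that rejects any explicit YAML tag outside the core schema, since the object-constructing tags an unsafe loader honours are exactly what a safe loader refuses. The sample configuration texts and the `!!python/name:placeholder.Loader` tag are constructed placeholders.

```python
"""Pre-load tag gate for YAML configs such as feature_store.yaml.

Illustrative example only, not Feast's code. Run it on the file text *before*
handing it to any loader, and still parse with yaml.safe_load afterwards."""
from __future__ import annotations
import re

# Tags in the YAML core/JSON schema that a config file may legitimately carry.
CORE_TAGS = {"!!str", "!!int", "!!float", "!!bool", "!!null", "!!map", "!!seq",
             "!!binary", "!!timestamp", "!!set", "!!omap", "!!pairs", "!!merge"}

# An explicit tag is a '!' token at a node boundary: '!!python/...', '!Local', '!<...>'.
TAG_RE = re.compile(r"(?<![^\s\[\{,])(![^\s,\]\}]*)")
COMMENT_RE = re.compile(r"(^|\s)#")

def strip_comment(line: str) -> str:
    """Remove a trailing comment; YAML requires whitespace (or line start) before '#'."""
    m = COMMENT_RE.search(line)
    return line[: m.start()] if m else line

def find_custom_tags(yaml_text: str) -> list[str]:
    """Return every explicit tag outside the core schema, in order of first appearance.
    Deliberately conservative: a '!' token inside a quoted scalar is reported too."""
    found: list[str] = []
    for raw in yaml_text.splitlines():
        for tag in TAG_RE.findall(strip_comment(raw)):
            if tag not in CORE_TAGS and tag not in found:
                found.append(tag)
    return found

def is_safe_to_load(yaml_text: str) -> bool:
    """True only when the text carries no tag that a safe loader would refuse."""
    return not find_custom_tags(yaml_text)

# Constructed sample configs (paths and values are placeholders, not real settings).
CLEAN_CONFIG = """\
project: demo_project
registry: /var/feast/registry.db   # plain scalar, no tag
provider: local
online_store:
  type: sqlite
  path: /var/feast/online.db
"""
TAMPERED_CONFIG = CLEAN_CONFIG + "offline_store: !!python/name:placeholder.Loader\n"

if __name__ == "__main__":
    for name, text in (("clean", CLEAN_CONFIG), ("tampered", TAMPERED_CONFIG)):
        tags = find_custom_tags(text)
        print(f"{name}: {'OK' if not tags else 'REJECT ' + ', '.join(tags)}")
```

A rejected file should be quarantined and alerted on rather than loaded, since a non-core tag in a generated Feast config is itself a tampering indicator.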

Added: Jan 1, 2026, 7:17 AM
Updated: Jan 1, 2026, 7:17 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 4.6
remediation: 7.7
relevance: 1.8
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.