Qiskit SDK Denial-of-Service Vulnerability via Malicious QPY File

Vulnerability

A denial-of-service vulnerability has been identified in Qiskit SDK versions 0.45.0 through 1.2.4. This issue allows remote attackers to cause a segmentation fault in the symengine library by using a maliciously crafted QPY file. The file contains a malformed symengine serialization stream, which can disrupt the normal operation of the application by terminating the hosting process.

Impact

Exploitation of this vulnerability leads to a segmentation fault in the symengine library, causing a denial-of-service condition by abruptly terminating the hosting process.

Reproduction

The vulnerability can be reproduced by creating a QPY file that includes a malformed symengine serialization stream. When this file is loaded using the Qiskit QPY load function, the symengine library will encounter a segmentation fault, demonstrating the denial-of-service condition.

Remediation

Users can upgrade to Qiskit 1.3.0 and use QPY format version 13 to address this vulnerability. For those using symengine 0.13.0, applying a specific commit available on the symengine GitHub repository patches the library to prevent the segmentation fault. It is also possible to check whether a QPY file is potentially affected by using a custom Python function that inspects the file's header for signs of a harmful payload.
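
A header check of the kind described above, written here as an added example (not code from the advisory or from the Qiskit project). It assumes the QPY file header layout used by format versions 10 to 12: the magic bytes QISKIT, a format version byte, three Qiskit version bytes, a program count, and a one-byte symbolic encoding flag where "e" means symengine; all function names are hypothetical. A "symengine-stream" result means the file would be handed to the symengine deserializer on load, not that it is proven malicious.

```python
import struct

# Assumed QPY file header for format versions 10-12 (network byte order):
# 6-byte magic, format version, Qiskit major/minor/patch, program count,
# 1-byte symbolic encoding flag (b"e" = symengine, b"p" = sympy).
HEADER_V10 = struct.Struct("!6sBBBBQc")
MAGIC = b"QISKIT"


def triage_qpy_header(data: bytes) -> str:
    """Classify a QPY blob from its header only, without deserializing it.

    Returns "not-qpy", "truncated", "no-symengine" or "symengine-stream".
    """
    if len(data) < 7:
        return "truncated"
    magic, version = struct.unpack("!6sB", data[:7])
    if magic != MAGIC:
        return "not-qpy"
    # Assumption: the symengine flag exists only in format versions 10-12.
    if version < 10 or version >= 13:
        return "no-symengine"
    if len(data) < HEADER_V10.size:
        return "truncated"
    encoding = HEADER_V10.unpack(data[:HEADER_V10.size])[6]
    return "symengine-stream" if encoding == b"e" else "no-symengine"


def triage_qpy_file(path: str) -> str:
    """Read only the header bytes of a file on disk and classify it."""
    with open(path, "rb") as fh:
        return triage_qpy_header(fh.read(HEADER_V10.size))


def build_header(version: int, encoding: bytes) -> bytes:
    """Constructed sample header (not a real circuit) for exercising the check."""
    return HEADER_V10.pack(MAGIC, version, 1, 2, 4, 1, encoding)


if __name__ == "__main__":
    for label, blob in [
        ("v12 symengine", build_header(12, b"e")),
        ("v12 sympy", build_header(12, b"p")),
        ("v13", build_header(13, b"e")),
        ("cut short", build_header(12, b"e")[:10]),
        ("other file", b"PK\x03\x04 not a qpy file"),
    ]:
        print(f"{label:14} -> {triage_qpy_header(blob)}")
```

Files from untrusted sources that come back as "symengine-stream" or "truncated" are the ones to hold back from the QPY load function until the upgrade or the symengine patch is in place.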

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 4.2
impact: 2.5
exploitability: 5.0
remediation: 8.3
relevance: 0.0
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.