MooreThreads torch_musa Unsafe Deserialization Vulnerability in compare_tool Module Allowing Remote Code Execution
Vulnerability
A vulnerability allowing unsafe deserialization has been identified in the MooreThreads torch_musa library, specifically within the utility module 'torch_musa.utils.compare_tool'. This vulnerability exists in all versions of the library. The issue arises in two functions, 'compare_for_single_op' and 'nan_inf_track_for_single_op', which call 'pickle.load()' on files at user-controlled paths without validating their contents. This flaw enables arbitrary code execution: an attacker can create a malicious pickle file that executes Python code when loaded, potentially leading to remote code execution with the privileges of the victim process.
Impact
Exploitation of this vulnerability allows for arbitrary code execution, with the executed code running under the privileges of the user who initiated the process.
Reproduction
The vulnerability can be reproduced by creating a malicious pickle file that, when deserialized by the vulnerable functions, executes arbitrary code. This can be done by crafting a pickle file that includes a payload designed to execute a command or script during the unpickling process. Once the malicious file is created, it can be loaded using the vulnerable functions, triggering the execution of the embedded code.
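The root cause above is that `pickle.load()` resolves whatever module-level object a stream names (through the GLOBAL / STACK_GLOBAL opcodes) and then calls it. The example below is added here as a defensive illustration and is not code from torch_musa; the function names (`referenced_globals`, `safe_load_bytes`, `RestrictedUnpickler`) and the allowlist contents are assumptions chosen for the example. It shows the two loader-side controls a maintainer or an incident responder would reach for: a static scan with `pickletools.genops`, which lists every global a pickle would import without executing it (usable for triage of files of unknown origin), and a `pickle.Unpickler` subclass whose `find_class` admits only an explicit allowlist, so an unexpected import fails instead of running.

```python
import io
import pickle
import pickletools
from pathlib import Path

# Allowlist of (module, name) pairs the loader may resolve.  The contents are
# an assumption for this example: a compare_tool-style dump of op names and
# numeric differences needs only built-in containers, so nothing else is
# admitted.  Widen it deliberately, one entry at a time, never with wildcards.
ALLOWED_GLOBALS = {
    ("builtins", "set"),
    ("builtins", "frozenset"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global import outside ALLOWED_GLOBALS.

    pickle.load() resolves GLOBAL / STACK_GLOBAL opcodes through find_class()
    and later calls whatever they named via REDUCE; that resolution step is
    where a crafted file reaches code execution.  Overriding find_class turns
    it into an explicit allow-or-fail decision.
    """

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to import {module}.{name} from an untrusted pickle")


def referenced_globals(data: bytes) -> list:
    """Statically list the (module, name) pairs a pickle stream would import.

    pickletools.genops only disassembles the opcode stream and executes
    nothing, so it is safe to run over a file of unknown origin before any
    load is attempted.  Handles both the text GLOBAL opcode (protocol <= 3,
    argument "module name") and STACK_GLOBAL (protocol >= 4), which takes
    module and name from the two most recently pushed strings.
    """
    found = []
    recent_strings = []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif opcode.name == "STACK_GLOBAL":
            found.append((recent_strings[-2], recent_strings[-1]))
        elif isinstance(arg, str):
            recent_strings.append(arg)
    return found


def disallowed_globals(data: bytes) -> list:
    """Globals referenced by the stream that are not on the allowlist."""
    return [g for g in referenced_globals(data) if g not in ALLOWED_GLOBALS]


def is_safe_pickle(data: bytes) -> bool:
    """True when the static scan finds no global outside ALLOWED_GLOBALS."""
    return not disallowed_globals(data)


def restricted_load_bytes(data: bytes):
    """Load through the restricted unpickler only (second line of defence)."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def safe_load_bytes(data: bytes):
    """Load a pickle only if it passes the static scan and the restricted loader."""
    bad = disallowed_globals(data)
    if bad:
        raise pickle.UnpicklingError(f"untrusted globals referenced: {bad}")
    return restricted_load_bytes(data)


def safe_load_path(path):
    """Drop-in replacement for the bare pickle.load(open(path, 'rb')) pattern."""
    return safe_load_bytes(Path(path).read_bytes())


def sample_streams() -> dict:
    """Constructed sample inputs (not real compare_tool output).

    'benign' is the kind of plain-data record a comparison dump contains.
    The 'suspicious' streams pickle a reference to a harmless library
    function; that exercises exactly the code path (find_class) a malicious
    file abuses, emitted as STACK_GLOBAL at protocol 4 and GLOBAL at
    protocol 2 so both scanner branches are covered.
    """
    benign = pickle.dumps({"op": "conv2d", "max_abs_diff": 0.0, "nan": False})
    suspicious_p4 = pickle.dumps(pickletools.genops, protocol=4)
    suspicious_p2 = pickle.dumps(pickletools.genops, protocol=2)
    return {"benign": benign, "suspicious_p4": suspicious_p4,
            "suspicious_p2": suspicious_p2}


if __name__ == "__main__":
    for label, stream in sample_streams().items():
        try:
            print(label, "->", safe_load_bytes(stream))
        except pickle.UnpicklingError as exc:
            print(label, "-> rejected:", exc)
```

The static scan is the piece worth wiring into detection: run `referenced_globals` over any `.pkl` a pipeline ingests and alert on anything outside the expected set before a loader ever touches the file. The restricted unpickler is the belt-and-braces layer for the load itself; with an allowlist this narrow, a stream that only carries numbers, strings and containers loads unchanged, while one that names any other module fails closed.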
