Lumiverse Spindle Extension Host-Level Code Execution Vulnerability

Vulnerability

A critical vulnerability in the Lumiverse AI chat application, in versions prior to 0.9.7, allows host-level code execution via the Spindle extension build pipeline. The pipeline runs 'bun install' without the '--ignore-scripts' flag, so a malicious extension can run package lifecycle scripts before any of its distribution files are reviewed. Extensions that declare 'preinstall', 'postinstall', or 'prepare' scripts can therefore execute code on the server the moment an admin initiates the installation. The same applies to updates: an extension that was benign when first installed can add a lifecycle script in a later version, and the update process executes that newly added script.

Impact

Exploitation of this vulnerability leads to full operating-system-level code execution as the user running the server process, at installation time. Because the lifecycle scripts run before the application's static safety scan, the scan that is intended to identify such risks is bypassed entirely. Both new installations and updates of already-installed extensions are affected, since the update process can activate scripts that the previous version did not have. Exploitation requires an admin or owner role.

Reproduction

To reproduce this vulnerability, create an extension repository whose 'package.json' declares a 'postinstall' script that executes code, such as writing a file to the filesystem. Once the extension is published, an admin user installs it through the Spindle UI. During the installation, 'bun install' runs the 'postinstall' script before the static safety scan is performed, resulting in code execution on the server.

Remediation

Upgrade to Lumiverse version 0.9.7 or later, where this vulnerability has been patched. On affected versions, the 'Spindle' extension manager can also be updated manually to version 0.9.7.
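The review step that the vulnerable pipeline skips can be made explicit: inspect an extension's package.json for install-time hooks before any package manager runs, and hold the extension for review when one is present. This is an added example, not Lumiverse or Spindle code; the hook names are npm's standard lifecycle scripts, the sample manifests are constructed, and the function names are this example's own.

```python
import json
from typing import Optional

# Hooks that npm-compatible package managers (bun included) run on their own
# during an install. A manifest declaring any of them executes code on the
# host as soon as "bun install" runs without --ignore-scripts.
INSTALL_TIME_HOOKS = frozenset({
    "preinstall", "install", "postinstall",
    "preprepare", "prepare", "postprepare",
    "prepublish", "prepack", "postpack",
})


def find_install_time_hooks(package_json_text: str) -> dict:
    """Return {hook: command} for every install-time hook in a package.json."""
    manifest = json.loads(package_json_text)
    scripts = manifest.get("scripts")
    if not isinstance(scripts, dict):  # missing or malformed "scripts" field
        return {}
    return {k: v for k, v in scripts.items() if k in INSTALL_TIME_HOOKS}


def review_manifest(new_text: str, previous_text: Optional[str] = None) -> dict:
    """Gate an extension before any "bun install" runs.

    Returns a dict with:
      hooks     - all install-time hooks declared by the new manifest
      new_hooks - hooks absent from the previously installed version
                  (the benign-then-updated case described in the advisory)
      allow     - True only when no install-time hook is present
    """
    hooks = find_install_time_hooks(new_text)
    previous = find_install_time_hooks(previous_text) if previous_text else {}
    new_hooks = {k: v for k, v in hooks.items() if k not in previous}
    return {"hooks": hooks, "new_hooks": new_hooks, "allow": not hooks}


def install_argv() -> list:
    """Install command the pipeline should run in the extension directory,
    independent of the review result: with --ignore-scripts the package
    manager never executes manifest hooks, so only reviewed code runs."""
    return ["bun", "install", "--ignore-scripts"]


# Constructed sample manifests: a benign first release and an update that
# quietly adds a postinstall hook.
BENIGN_V1 = '{"name": "demo-ext", "version": "1.0.0", "scripts": {"build": "tsc -p ."}}'
UPDATE_V2 = ('{"name": "demo-ext", "version": "1.1.0", "scripts": '
             '{"build": "tsc -p .", "postinstall": "node ./setup.js"}}')
```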

Added: May 26, 2026, 9:58 PM
Updated: May 26, 2026, 9:58 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 7.6
remediation: 0.0
relevance: 9.6
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.