CVE-2024-10372 – This vulnerability in the buzz library allows l... (How to Fix)

Q: What is the severity of CVE-2024-10372?

CVE-2024-10372 has a CVSS score of 4.5 (MEDIUM). This vulnerability in the buzz library allows local attackers to manipulate temporary files created during model downloads, potentially leading to file overwrites or symlink attacks. It affects users of buzz 1.1.0 who download models via the vulnerable function. The attack requires local access and high complexity.

📋 TL;DR

This vulnerability in the buzz library allows local attackers to manipulate temporary files created during model downloads, potentially leading to file overwrites or symlink attacks. It affects users of buzz 1.1.0 who download models via the vulnerable function. The attack requires local access and high complexity.

💻 Affected Systems

Products:

chidiwilliams buzz

Versions: 1.1.0

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems where buzz is used to download models via the vulnerable function

📦 What is this software?

Buzz by Chidiwilliams

View all CVEs affecting Buzz →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation or arbitrary file overwrite leading to system compromise

🟠

Likely Case

Local user could overwrite temporary files or create symlinks to sensitive files

🟢

If Mitigated

Minimal impact with proper file permissions and isolation

🌐 Internet-Facing: LOW - Attack requires local host access

🏢 Internal Only: MEDIUM - Internal users with local access could exploit

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploit disclosed publicly but requires local access and specific conditions

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Consider workarounds or alternative libraries.

🔧 Temporary Workarounds

Secure temporary directory

linux

Set secure permissions on temporary directories and use secure temp file creation

chmod 700 /tmp/buzz_temp
mkdir -p /tmp/buzz_temp && chmod 700 /tmp/buzz_temp

Avoid model downloads

all

Disable or avoid using the download_model function

🧯 If You Can't Patch

Restrict local user access to systems running buzz
Implement strict file permission controls and monitor temporary file operations

🔍 How to Verify

Check if Vulnerable:

Check if using buzz version 1.1.0: pip show buzz | grep Version

Check Version:

pip show buzz | grep Version

Verify Fix Applied:

Verify buzz is not version 1.1.0 or check if temporary file handling is secure

📡 Detection & Monitoring

Log Indicators:

Unusual file operations in /tmp directories
Multiple temporary file creations by buzz processes

Network Indicators:

Local file system access patterns

SIEM Query:

Process creation where command contains 'buzz' AND file operations in temporary directories

📊 Metadata

CVE ID: CVE-2024-10372

CVSS v3 Score: 4.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-377

Published: October 25, 2024

Last Updated: November 6, 2024

🔗 References

https://github.com/Startr4ck/CVE_lists/blob/main/buzz/Insecure%20Temporary%20File%20in%20BUZZ.md Exploit,Third Party Advisory
https://vuldb.com/?ctiid.281764 Permissions Required,VDB Entry
https://vuldb.com/?id.281764 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.425441 Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-10372, you might also want to check these: