Coordinated Disclosure Timeline
- 2024-10-10: Issue reported to a maintainer of the project.
- 2024-10-11: Issue fixed by restricting default permission for the
GITHUB_TOKENtoreadonly.
Summary
Checking out of untrusted branch allows code execution in trusted context in the pr-comment-validate Action
Project
Tribler
Tested Version
main branch head
Details
Checking out of untrusted branch allows code execution in trusted context in the pr-comment-validate Action (GHSL-2024-303)
The pr-comment-validate.yml GitHub Action checks out a PR branch in the Validate PR step (1. in the below):
steps:
- uses: actions/checkout@v4 //<------- 1.
with:
ref: refs/pull/${{ github.event.issue.number }}/head
submodules: 'true'
...
- run: python -m pip install -r requirements.txt //<------- 2.
It then runs python -m pip install -r requirements.txt in 2. in the above. However, this requirements.txt is now the one that is defined on the PR branch, which can be controlled by the author of the PR. By creating a malicious requirements.txt in the PR branch, a malicious actor can execute arbitrary code in the runner (see, e.g. the “AUTOGPT” section here).
As the runner has full write permission, this allows repository content to be modified, and secrets such as the GitHub Token be exfiltrated.
Impact
This issue may lead to code execution in runner with write permission
Credit
This issue was discovered by CodeQL and reported by GHSL team member @m-y-mo (Man Yue Mo).
Contact
You can contact the GHSL team at securitylab@github.com, please include a reference to GHSL-2024-303 in any communication regarding this issue.