Intel Reports a Max Severity Bug in Its Software for AI Model Compression

Intel has announced a critical vulnerability in certain versions of its Intel Neural Compressor software, used for AI model compression. Designated CVE-2024-22476, this bug allows unauthenticated attackers to execute arbitrary code on affected Intel systems. Among the 41 security advisories released by Intel this week, this vulnerability is the most severe.

Improper Input Validation Vulnerability

CVE-2024-22476 results from improper input validation, meaning the software fails to properly sanitize user input. This flaw has received a maximum CVSS score of 10, indicating it is remotely exploitable, requires low complexity to exploit, and significantly impacts data confidentiality, integrity, and availability. Attackers do not need special privileges or user interaction to exploit this vulnerability. Affected versions of Intel Neural Compressor are those before 2.5.0, and Intel advises upgrading to version 2.5.0 or later. This issue was identified by an external security researcher.

About Intel Neural Compressor

Intel Neural Compressor is an open-source Python library designed to compress and optimize deep learning models for applications such as computer vision, natural language processing, and recommendation systems. Techniques used for compression include neural network pruning, quantization, and model distillation. This technology aims to facilitate AI deployment on various hardware devices, including those with limited computational power, such as mobile devices.

Additional Vulnerabilities

Alongside CVE-2024-22476, Intel disclosed another vulnerability in the Neural Compressor software, CVE-2024-21792, a TOCTOU flaw that could lead to information disclosure. This vulnerability is considered moderate risk as it requires local, authenticated access to exploit.

Intel also revealed five high-severity privilege escalation vulnerabilities in its UEFI firmware for server products. These vulnerabilities (CVE-2024-22382, CVE-2024-23487, CVE-2024-24981, CVE-2024-23980, and CVE-2024-22095) are also due to input validation flaws, with severity scores ranging from 7.2 to 7.5 on the CVSS scale.

Growing AI Security Concerns

The Neural Compressor vulnerabilities highlight the expanding attack surface that AI software introduces to enterprise environments. While much of the focus has been on the risks of large language models and AI-enabled tools like ChatGPT, vulnerabilities in core AI software components pose significant threats. For example, researchers recently identified security flaws in the HuggingFace platform, which could allow attackers to tamper with or upload malicious models.

A UK study also outlined numerous cyber-risks at every stage of the AI lifecycle, from design and development to deployment and maintenance. These risks include inadequate threat modeling, insecure authentication, poor input validation, and more.

Conclusion

To mitigate these risks, organizations using Intel Neural Compressor should promptly upgrade to version 2.5.0 or later and stay vigilant about other disclosed vulnerabilities. The evolving landscape of AI security underscores the need for robust protective measures and continuous monitoring of AI systems to safeguard against emerging threats.