YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
PoC: SurrealML Memory Allocation DoS via Malformed .surml Header
Vulnerability
SurrealML's SurMlFile::from_file() at surml_file.rs:108 reads a 4-byte header length from a .surml file and allocates that many bytes without any upper bound validation.
A crafted 5-byte .surml file can trigger a 4 GB memory allocation, crashing any SurrealDB node that loads it.
Files
malicious_dos.surmlโ 5-byte .surml file claiming a 4GB header (max u32)moderate_dos.surmlโ 5-byte .surml file claiming a 1GB headercreate_malicious_surml.pyโ Script to generate the crafted files
Reproduction
# Generate the PoC files:
python3 create_malicious_surml.py
# Trigger via Python (requires surrealml):
python3 -c "from surrealml import SurMlFile; SurMlFile.from_file('malicious_dos.surml')"
# Trigger via SurrealDB API:
curl -X POST http://surrealdb:8000/ml/import \
-H "Authorization: Bearer <token>" \
--data-binary @malicious_dos.surml
Impact
- Denial of Service: 5-byte file causes 4GB allocation attempt
- Process crash (OOM kill) or severe memory pressure
- Remotely triggerable via SurrealDB ML model import API
NON-DESTRUCTIVE
These files only cause memory allocation. No code is executed.
Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐ Ask for provider support