| Title | Vllm aibrix 0.2.0 prefix cache reuse |
|---|
| Description | Summary
Maliciously crafted prompts may cause hash collisions, leading to prefix cache reuse, which could interfere with subsequent responses and result in unintended behavior.
Details
aibrix's prefix caching mechanism relies on the xxhash64 hash algorithm. Since xxhash64 uses a fixed seed value (e.g., seed=0) in its default configuration, its hash outputs are predictable. Attackers could exploit this determinism to craft specific inputs that generate hash collisions.
Use Case
Impact
If aibrix's hash generation logic lacks randomization (e.g., no dynamic seeds or salting), attackers could leverage xxhash64's predictable nature to inject malicious inputs that collide with target prompts, causing cache pollution and subsequent response errors.
Proposed Solution
Fix Recommendation
In a cluster environment, this issue should be addressed by implementing statistically unique and cryptographically secure xxhash seed values.(not Like vllm GHSA-rm76-4mrf-v9r8 )This approach would:
Prevent attackers from predicting or forcing collisions.
Enable global cache sharing across the cluster while maintaining security.
issue:https://github.com/vllm-project/aibrix/issues/749
fix PR:https://github.com/vllm-project/aibrix/pull/752 |
|---|
| Source | ⚠️ https://github.com/vllm-project/aibrix/issues/749 |
|---|
| User | kexinoh (UID 82084) |
|---|
| Submission | 02/27/2025 02:39 (1 Year ago) |
|---|
| Moderation | 03/04/2025 15:20 (6 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 298543 [vLLM AIBrix 0.2.0 Prefix Caching hash.go random values] |
|---|
| Points | 20 |
|---|