## Portcullis-Core Security Flaw: GovernedMemory::read_label Hardcodes Deterministic Derivation, Laundering AI-Derived Taint
A critical information flow control (IFC) vulnerability has been identified in the Portcullis-core library. The `GovernedMemory::read_label()` function does not return the original derivation class of stored data; it hardcodes a `Deterministic` derivation in the returned `IFCLabel`. This flaw effectively launders taint: data derived from potentially untrusted or AI-generated sources is incorrectly labeled as deterministic, undermining the core security guarantees of the system.

The bug originates in the `crates/portcullis-core/src/memory.rs` file. The `MemoryLabel` structure, used for storing data, only retains confidentiality and integrity levels, completely discarding the derivation class upon write. Consequently, when data is later read via `read_label()` (line 373), the function unconditionally sets the `derivation` field to `crate::DerivationClass::Deterministic`—the lattice bottom for derivation—regardless of the original source's classification (e.g., AI-derived, NonDeterministic).
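
The round trip described above, as a simplified Rust model added here for illustration; it is not portcullis-core's code. The type shapes, the `AIDerived` variant name, the `u8` levels and the `LossyMemory`, `PreservingMemory` and `round_trip_preserves` names are assumptions, and storing the full label is one possible correction, not the project's fix.

```rust
// Simplified model of the reported flaw; NOT portcullis-core's code. Type shapes,
// the AIDerived variant name and the u8 levels are assumptions for illustration.
use std::collections::HashMap;

#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
enum DerivationClass { Deterministic, AIDerived } // Deterministic = lattice bottom

#[derive(Clone, Copy, Debug, PartialEq)]
struct IFCLabel { confidentiality: u8, integrity: u8, derivation: DerivationClass }

// Flawed shape: the stored label has no derivation field, so it is lost on write.
#[derive(Clone, Copy)]
struct MemoryLabel { confidentiality: u8, integrity: u8 }
#[derive(Default)]
struct LossyMemory { labels: HashMap<String, MemoryLabel> }
impl LossyMemory {
    fn write(&mut self, key: &str, l: IFCLabel) {
        let stored = MemoryLabel { confidentiality: l.confidentiality, integrity: l.integrity };
        self.labels.insert(key.to_string(), stored);
    }
    // Mirrors the described behaviour: derivation is always the lattice bottom.
    fn read_label(&self, key: &str) -> Option<IFCLabel> {
        let m = self.labels.get(key)?;
        Some(IFCLabel { confidentiality: m.confidentiality, integrity: m.integrity,
                        derivation: DerivationClass::Deterministic })
    }
}

// One possible correction (assumption): persist the whole label, derivation included.
#[derive(Default)]
struct PreservingMemory { labels: HashMap<String, IFCLabel> }
impl PreservingMemory {
    fn write(&mut self, key: &str, l: IFCLabel) { self.labels.insert(key.to_string(), l); }
    fn read_label(&self, key: &str) -> Option<IFCLabel> { self.labels.get(key).copied() }
}

// Regression check: a label must never come back lower in the derivation lattice.
fn round_trip_preserves(written: IFCLabel, read: Option<IFCLabel>) -> bool {
    read.map_or(false, |r| r.derivation >= written.derivation)
}

fn main() {
    let ai = IFCLabel { confidentiality: 1, integrity: 0, derivation: DerivationClass::AIDerived };
    let (mut lossy, mut fixed) = (LossyMemory::default(), PreservingMemory::default());
    lossy.write("summary", ai);
    fixed.write("summary", ai);
    println!("lossy ok: {}", round_trip_preserves(ai, lossy.read_label("summary")));
    println!("fixed ok: {}", round_trip_preserves(ai, fixed.read_label("summary")));
}
```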

This design flaw has severe implications for systems relying on Portcullis for secure information flow. It breaks the chain of provenance, creating a laundering vector where taint from AI models or other non-deterministic processes can be stripped and mislabeled. This could lead to policy violations, incorrect access decisions, and the silent propagation of tainted data within governed memory, posing a significant risk to applications in security-sensitive domains that depend on accurate derivation tracking.

---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: security_vulnerability, information_flow_control, rust, memory_safety, ai_security
- **Credibility**: unverified
- **Published**: 2026-04-05 11:27:01
- **ID**: 50514
- **URL**: https://whisperx.ai/en/intel/50514