cvelist | GitHub_M | CVELIST:CVE-2024-32878
History Apr 26, 2024 - 8:31 p.m.

CVE-2024-32878 Use of Uninitialized Variable Vulnerability in llama.cpp

2024-04-26 20:31:53
CWE-456
GitHub_M
www.cve.org
2
uninitialized variable vulnerability
llama.cpp
c/c++
gguf_init_from_file
dos
arbitrary code execution
patched
cve-2024-32878

CVSS3: 7.1

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L

EPSS: 0
Percentile: 9.0%

llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in gguf_init_from_file: the code later frees this uninitialized variable. A simple PoC directly causes a crash. If the file is carefully constructed, it may be possible to control the uninitialized value and cause an arbitrary address free, which may be further exploitable. The vulnerability causes llama.cpp to crash (DoS) and may even lead to arbitrary code execution (RCE). It has been patched in commit b2740.

CNA Affected

[
  {
    "vendor": "ggerganov",
    "product": "llama.cpp",
    "versions": [
      {
        "version": "<= b2715",
        "status": "affected"
      }
    ]
  }
]
