Lucene search
GoogleOSV:CVE-2024-42477HistoryAug 12, 2024 - 3:15 p.m.
CVE-2024-42477
2024-08-1215:15:21
Google
osv.dev
2
llama.cpp
rpc_tensor
global-buffer-overflow
memory data leakage
b3561
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.6
Confidence
High
llama.cpp provides LLM inference in C/C++. The unsafe type member in the rpc_tensor structure can cause global-buffer-overflow. This vulnerability may lead to memory data leakage. The vulnerability is fixed in b3561.
Related
cvelist
cvelist
CVE-2024-42477 llama.cpp global-buffer-overflow in ggml_type_size
2024-08-12 15:02:40
vulnrichment
vulnrichment
CVE-2024-42477 llama.cpp global-buffer-overflow in ggml_type_size
2024-08-12 15:02:40
redhatcve
redhatcve
CVE-2024-42477
2024-08-13 20:44:59
cve
cve
CVE-2024-42477
2024-08-12 15:15:21
nvd
nvd
CVE-2024-42477
2024-08-12 15:15:21
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.6
Confidence
High
Related for OSV:CVE-2024-42477