Lucene search
GoogleOSV:CVE-2024-42479HistoryAug 12, 2024 - 3:15 p.m.
CVE-2024-42479
2024-08-1215:15:21
Google
osv.dev
6
llama.cpp
rpc_tensor
unsafe data pointer
arbitrary address writing
vulnerability
b3561
software
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
6.9
Confidence
High
llama.cpp provides LLM inference in C/C++. The unsafe data pointer member in the rpc_tensor structure can cause arbitrary address writing. This vulnerability is fixed in b3561.
Related
vulnrichment
vulnrichment
CVE-2024-42479 llama.cpp allows write-what-where in rpc_server::set_tensor
2024-08-12 15:07:19
cvelist
cvelist
CVE-2024-42479 llama.cpp allows write-what-where in rpc_server::set_tensor
2024-08-12 15:07:19
nvd
nvd
CVE-2024-42479
2024-08-12 15:15:21
cve
cve
CVE-2024-42479
2024-08-12 15:15:21
nessus
nessus
LLama cpp python binding < 0.2.88 Arbitrary Write Vulnerability
2024-09-17 00:00:00
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
6.9
Confidence
High
Related for OSV:CVE-2024-42479