90 matches found
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read through the rpctensor structure. An attacker can read arbitrary memory addresses by manipulating the data pointer. PoC from pwn import ALLOCBUFFER = 0 GETALIGNMENT = 1 GETMAXSIZE = 2 BUFFERGETBASE = 3 FREEBUFFER = 4...
Write-what-where Condition
Overview Affected versions of this package are vulnerable to Write-what-where Condition through the rpctensor structure. An attacker can write to arbitrary memory addresses by manipulating the data pointer. PoC from pwn import ALLOCBUFFER = 0 GETALIGNMENT = 1 GETMAXSIZE = 2 BUFFERGETBASE = 3...
CVE-2024-42478
llama.cpp provides LLM inference in C/C++. The unsafe data pointer member in the rpctensor structure can cause arbitrary address reading. This vulnerability is fixed in b3561...
CVE-2024-42479 llama.cpp allows write-what-where in rpc_server::set_tensor
llama.cpp provides LLM inference in C/C++. The unsafe data pointer member in the rpctensor structure can cause arbitrary address writing. This vulnerability is fixed in b3561...
CVE-2024-42479
In llama.cpp, a vulnerability exists in the unsafe data pointer member of the rpc_tensor structure, enabling arbitrary address writes via rpc_server::set_tensor. The issue is a code-level flaw in LLM inference code paths written in C/C++, with a root cause tied to the data pointer in the rpc_tens...
CVE-2024-42479 llama.cpp allows write-what-where in rpc_server::set_tensor
llama.cpp provides LLM inference in C/C++. The unsafe data pointer member in the rpctensor structure can cause arbitrary address writing. This vulnerability is fixed in b3561...
CVE-2024-42478
CVE-2024-42478 concerns llama.cpp where an unsafe data pointer in the rpc_tensor structure can lead to arbitrary address reads. Several sources concur this is a code-level issue; the public CVE description states the vulnerability is fixed in b3561. Some connected advisories also advise upgrading...
llama.cpp 安全漏洞
llama.cpp is a multimodal model. llama.cpp suffers from a remote code execution vulnerability that originates in the data pointer in the rpctensor structure, which can be exploited by an attacker to cause an arbitrary address to be read...
llama.cpp 安全漏洞
llama.cpp is a multimodal model. A remote code execution vulnerability exists in llama.cpp, which originates in the data pointer in the rpctensor structure, and can be exploited by an attacker to cause an arbitrary address to be written...
PT-2024-29975 · Llama.Cpp · Llama.Cpp
Name of the Vulnerable Software and Affected Versions: llama.cpp versions prior to b3561 Description: The issue is related to the rpc tensor structure in llama.cpp, which provides LLM inference in C/C++. The unsafe data pointer member can cause arbitrary address writing, potentially leading to...
SUSE CVE-2024-42099
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
CVE-2024-42099
A vulnerability was found in the s390/dasd subsystem in the Linux Kernel, where an invalid dereferencing of an indirect Channel Command Word CCW data pointer could cause a kernel panic. The issue occurs due to the CCW Command Data Address CDA pointer used with indirect addressing IDAW, which need...
CVE-2024-42099
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
DEBIAN-CVE-2024-42099
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
UBUNTU-CVE-2024-42099
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
CVE-2024-42099
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
CVE-2024-42099 s390/dasd: Fix invalid dereferencing of indirect CCW data pointer
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
CVE-2024-42099
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
CVE-2024-42099
The CVE-2024-42099 issue affects the Linux kernel s390/dasd subsystem. It concerns indirect addressing for DASD CCWs (IDAW) where the CCW CDA pointer points to IDAL and must be translated from physical to virtual before use. Dereferencing this pointer can cause a kernel panic in error paths, incl...
DEBIAN-CVE-2022-48750
In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix crash in clearcaseopen Paweł Marciniak reports the following crash, observed when clearing the chassis intrusion alarm. BUG: kernel NULL pointer dereference, address: 0000000000000028 PGD 0 P4D 0 Oops: 0000 1...