109 matches found
CVE-2024-41130 llama.cpp null pointer dereference in gguf_init_from_file
llama.cpp provides LLM inference in C/C++. Prior to b3427, llama.cpp contains a null pointer dereference in ggufinitfromfile. This vulnerability is fixed in b3427...
CVE-2024-41130 llama.cpp null pointer dereference in gguf_init_from_file
llama.cpp provides LLM inference in C/C++. Prior to b3427, llama.cpp contains a null pointer dereference in ggufinitfromfile. This vulnerability is fixed in b3427...
CVE-2024-41130
CVE-2024-41130 affects llama.cpp (C/C++) with a null pointer dereference in gguf_init_from_file. Root cause: null pointer dereference prior to version b3427. Impact: as documented, DoS-like behavior stemming from the crash/denial of service. Remediation: upgrade to version b3427 or later (per off...
llama.cpp 安全漏洞
llama.cpp is a multimodal model. A denial of service vulnerability exists in llama.cpp that stems from the inclusion of a null pointer dereference in ggufinitfromfile. An attacker could exploit this vulnerability to cause a denial of service...
CVE-2024-32878
Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in ggufinitfromfile, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully constructed, it may be possible to control this...
CVE-2024-32878 Use of Uninitialized Variable Vulnerability in llama.cpp
Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in ggufinitfromfile, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully constructed, it may be possible to control this...
CVE-2024-32878
Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in ggufinitfromfile, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully constructed, it may be possible to control this...
CVE-2024-32878
Summary: CVE-2024-32878 affects llama.cpp (C/C++) with a use of an uninitialized heap variable in gguf_init_from_file. The vulnerability can cause a crash (DoS) and may allow arbitrary code execution if an attacker crafts input. The issue has been patched in commit b2740. What’s affected (based o...
CVE-2024-32878 Use of Uninitialized Variable Vulnerability in llama.cpp
Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in ggufinitfromfile, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully constructed, it may be possible to control this...
CVE-2024-32878 Use of Uninitialized Variable Vulnerability in llama.cpp
Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in ggufinitfromfile, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully constructed, it may be possible to control this...
CVE-2024-23605
A heap-based buffer overflow vulnerability exists in the GGUF library header.nkv functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-21836
A heap-based buffer overflow vulnerability exists in the GGUF library header.ntensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-21836
A heap-based buffer overflow vulnerability exists in the GGUF library header.ntensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
Heap overflow
A heap-based buffer overflow vulnerability exists in the GGUF library info-ne functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
Heap overflow
A heap-based buffer overflow vulnerability exists in the GGUF library header.nkv functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-21825
Talos details CVE-2024-21825 in llama.cpp (GGUF library) focusing on parsing of GGUF_TYPE_ARRAY/GGUF_TYPE_STRING within gguf_init_from_file. An attacker-provided .gguf file can trigger a heap-based buffer overflow when kv->value.arr.n is large, due to an integer overflow in the allocation kv-&...
CVE-2024-23496
A heap-based buffer overflow vulnerability exists in the GGUF library gguffreadstr functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-21836
A heap-based buffer overflow vulnerability exists in the GGUF library header.ntensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-21802
A heap-based buffer overflow vulnerability exists in the GGUF library info-ne functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-21836
A heap-based buffer overflow vulnerability exists in the GGUF library header.ntensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...