- Description
- llama.cpp provides LLM inference in C/C++. The unsafe `type` member in the `rpc_tensor` structure can cause `global-buffer-overflow`. This vulnerability may lead to memory data leakage. The vulnerability is fixed in b3561.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
Top 5 Trending CVEs: 1 - CVE-2024-46938 2 - CVE-2024-37397 3 - CVE-2024-42477 4 - CVE-2024-11477 5 - CVE-2024-0012 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
25 Nov 2024
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-8811 2 - CVE-2024-42477 3 - CVE-2024-8856 4 - CVE-2020-27786 5 - CVE-2024-46938 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
24 Nov 2024
95 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-42477/CVE-2024-42478/CVE-2024-42479: llama.cpp Memory Leak & Arbitrary Read & Write Vulnerability The vulnerability occurred due to insufficient verification of rpc_tensor structure members, allowing remote code execution. https://t.co/MGK88N4IEu
@hackyboiz
23 Nov 2024
2627 Impressions
17 Retweets
49 Likes
18 Bookmarks
0 Replies
1 Quote
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ggerganov:llama.cpp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "959A4095-3418-4510-B812-74AC693D3DAC",
"versionEndExcluding": "b3561"
}
],
"operator": "OR"
}
]
}
]