CVE-2024-21825

Name of the Vulnerable Software and Affected Versions GGUF library (affected versions not specified)

Description A heap-based buffer overflow vulnerability exists in the GGUF library's GGUF TYPE ARRAY/GGUF TYPE STRING parsing functionality of llama.cpp. This issue is related to integer overflow. Exploitation of the vulnerability may allow a remote attacker to execute arbitrary code. The vulnerability can be triggered by a specially crafted .gguf file, which can lead to code execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.