PT-2024-29973 · Llama.Cpp · Llama.Cpp
7Resp4Ss
·
Published
2024-08-12
·
Updated
2026-04-27
·
CVE-2024-42477
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
llama.cpp version b3561 and earlier
Description
The issue arises from the unsafe
type member in the rpc tensor structure, which can cause a global-buffer-overflow. This may lead to memory data leakage.Recommendations
For versions prior to b3561, update to b3561 or later to resolve the issue. As a temporary workaround, consider restricting access to the
rpc tensor structure until a patch is available.Exploit
Fix
Memory Leak
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Llama.Cpp