Name of the Vulnerable Software and Affected Versions: llama model loader (affected versions not specified)

Description: The issue is related to a heap-buffer-overflow read error. Technical details indicate that the crash occurs in the gguf get tensor offset function, specifically within the llama model loader::llama tensor weight class. The error is associated with the std:: 1::vector allocation for llama tensor weight objects. No information is provided about the estimated number of potentially affected devices or real-world incidents.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.