PT-2026-29570 · Llama.Cpp · Llama.Cpp
Las7 · Published 2026-04-01 · Updated 2026-06-01 · CVE-2026-34159
CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
llama.cpp versions prior to b8492
Description
A logic bug in the RPC backend's deserialize_tensor() function allows an unauthenticated attacker to read and write arbitrary process memory. This occurs because bounds validation is skipped when a tensor's buffer field is set to 0. By sending crafted 'GRAPH_COMPUTE' messages and utilizing pointer leaks from 'ALLOC_BUFFER' and 'BUFFER_GET_BASE', an attacker can achieve a full ASLR (Address Space Layout Randomization) bypass and remote code execution. The attack requires only TCP access to the RPC server port and no authentication.
Recommendations
Update to version b8492.
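For reviewers auditing similar deserializers, the skipped check from the description can be modeled as follows. This is an added example, not llama.cpp source and not the actual patch: the struct, table and function names are hypothetical, and the hardened variant is one assumed way to close the gap.

```cpp
// Simplified model of the validation gap; hypothetical names, not llama.cpp source.
#include <cstdint>
#include <unordered_map>

// Hypothetical wire form of a tensor reference supplied by an RPC client.
struct WireTensor {
    uint64_t buffer; // server-side buffer handle; 0 means "no buffer"
    uint64_t data;   // address the client claims the tensor data lives at
    uint64_t size;   // byte length of the tensor data
};

struct Region { uint64_t base; uint64_t size; };

// Buffers the server has handed out, keyed by handle.
using BufferTable = std::unordered_map<uint64_t, Region>;

// Overflow-safe check that [data, data + size) lies inside the region.
static bool in_bounds(const Region& r, const WireTensor& t) {
    return t.data >= r.base && t.size <= r.size &&
           t.data - r.base <= r.size - t.size;
}

// Flawed pattern: validation only runs when a buffer handle is present.
bool accept_flawed(const BufferTable& bufs, const WireTensor& t) {
    if (t.buffer != 0) {
        auto it = bufs.find(t.buffer);
        if (it == bufs.end() || !in_bounds(it->second, t)) return false;
    }
    return true; // buffer == 0: the client-chosen data pointer is never checked
}

// Hardened pattern (assumed fix shape): no buffer means no data pointer at all.
bool accept_hardened(const BufferTable& bufs, const WireTensor& t) {
    if (t.buffer == 0) return t.data == 0;
    auto it = bufs.find(t.buffer);
    return it != bufs.end() && in_bounds(it->second, t);
}
```

A unit test that feeds a zero-handle tensor with a non-zero data pointer to the deserializer and expects rejection is a useful regression check for this class of bug.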
Fix
RCE
Buffer Overflow
Affected Products
Llama.Cpp