Filtered by vendor Ggerganov
Subscriptions
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-32878 | 1 Ggerganov | 1 Llama.cpp | 2024-11-21 | 7.1 High |
Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in gguf_init_from_file, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully constructed, it may be possible to control this uninitialized value and cause arbitrary address free problems. This may further lead to be exploited. Causes llama.cpp to crash (DoS) and may even lead to arbitrary code execution (RCE). This vulnerability has been patched in commit b2740. | ||||
CVE-2024-42478 | 1 Ggerganov | 1 Llama.cpp | 2024-08-16 | 5.3 Medium |
llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address reading. This vulnerability is fixed in b3561. | ||||
CVE-2024-42479 | 1 Ggerganov | 1 Llama.cpp | 2024-08-15 | 10 Critical |
llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561. | ||||
CVE-2024-42477 | 1 Ggerganov | 1 Llama.cpp | 2024-08-15 | 5.3 Medium |
llama.cpp provides LLM inference in C/C++. The unsafe `type` member in the `rpc_tensor` structure can cause `global-buffer-overflow`. This vulnerability may lead to memory data leakage. The vulnerability is fixed in b3561. |
Page 1 of 1.