Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ggml-org llama.cpp GBNF Grammar llama-grammar.cpp llama_grammar_advance_stack stack-based overflow
Vulnerability Description
A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the function llama_grammar_advance_stack of the file llama.cpp/src/llama-grammar.cpp of the component GBNF Grammar Handler. This manipulation causes stack-based buffer overflow. The attack needs to be launched locally. The exploit has been published and may be used. Patch name: 18993. To fix this issue, it is recommended to deploy a patch.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
llama.cpp 安全漏洞
Vulnerability Description
llama.cpp是Georgi Gerganov个人开发者的一个多模态模型。 llama.cpp 55abc39及之前版本存在安全漏洞,该漏洞源于GBNF语法处理程序存在栈缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A