Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
llama.cpp has Out-of-bounds Write in llama-server
Vulnerability Description
llama.cpp is an inference of several LLM models in C/C++. In commits 55d4206c8 and prior, the n_discard parameter is parsed directly from JSON input in the llama.cpp server's completion endpoints without validation to ensure it's non-negative. When a negative value is supplied and the context fills up, llama_memory_seq_rm/add receives a reversed range and negative offset, causing out-of-bounds memory writes in the token evaluation loop. This deterministic memory corruption can crash the process or enable remote code execution (RCE). There is no fix at the time of publication.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
llama.cpp 缓冲区错误漏洞
Vulnerability Description
llama.cpp是Georgi Gerganov个人开发者的一个多模态模型。 llama.cpp 55d4206c8及之前版本存在缓冲区错误漏洞,该漏洞源于未验证n_discard参数为非负值,可能导致越界内存写入和远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A