Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
llama.cpp: Unauthenticated RCE via GRAPH_COMPUTE buffer=0 bypass in llama.cpp RPC backend
Vulnerability Description
llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserialize_tensor() skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPH_COMPUTE messages. Combined with pointer leaks from ALLOC_BUFFER/BUFFER_GET_BASE, this gives full ASLR bypass and remote code execution. No authentication required, just TCP access to the RPC server port. This issue has been patched in version b8492.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
llama.cpp 缓冲区错误漏洞
Vulnerability Description
llama.cpp是Georgi Gerganov个人开发者的一个多模态模型。 llama.cpp b8492之前版本存在缓冲区错误漏洞,该漏洞源于RPC后端的deserialize_tensor()在张量的buffer字段为0时跳过所有边界验证,可能导致未经验证的攻击者通过特制GRAPH_COMPUTE消息读写任意进程内存,结合指针泄露实现完整的ASLR绕过和远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A