CVE-2024-32878

Description

Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in gguf_init_from_file, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully constructed, it may be possible to control this uninitialized value and cause arbitrary address free problems. This may further lead to be exploited. Causes llama.cpp to crash (DoS) and may even lead to arbitrary code execution (RCE). This vulnerability has been patched in commit b2740.

CVSS v3.1 Score

7.1

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L

Weakness Type (CWE)

CWE-456 CWE-456

Affected Products

Vendor	Product	Versions
ggml	llama.cpp	b2715 — b2740

References

Advisories & Patches

https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-p5mv-gjc5-mwqv https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-p5mv-gjc5-mwqv

Other References

https://github.com/ggerganov/llama.cpp/releases/tag/b2749 https://github.com/ggerganov/llama.cpp/releases/tag/b2749

Frequently Asked Questions

What is CVE-2024-32878? +

Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in gguf_init_from_file, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully constructed, it may be possible to control this uninitialized value and cause arbitrary address free problems. This may further lead to be exploited. Causes llama.cpp to crash (DoS) and may even lead to arbitrary code execution (RCE). This vulnerability has been patched in commit b2740. It has a CVSS v3.1 base score of 7.1 (HIGH).

How severe is CVE-2024-32878? +

CVE-2024-32878 has a CVSS v3.1 score of 7.1 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.

What products are affected by CVE-2024-32878? +

CVE-2024-32878 affects products from ggml, specifically: llama.cpp. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2024-32878? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2024-54131

The Kolide Agent (aka: Launcher) is the lightweight agent designed to work with Kolide's service. An implementation bug in the …

CVE-2024-9780 7.8

ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file

CVE-2024-42479 10.0

llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. …

CVE-2025-49847 8.8

llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can …

CVE-2024-21802 8.8

A heap-based buffer overflow vulnerability exists in the GGUF library info->ne functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf …

CVE-2024-21825 8.8

A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted …