CNNVD-202507-1472 Information

CNNVD ID

CNNVD-202507-1472

Related CVE

CVE-2025-53630

• CNNVD Published: 2025-07-10

Description (Chinese)

llama.cpp是Georgi Gerganov个人开发者的一个多模态模型。 llama.cpp存在安全漏洞，该漏洞源于gguf_init_from_file_impl函数中整数溢出，可能导致堆越界读写。

Description (English)

llama.cpp is a multi-modular model of Georgi Gerganov’s personal developer. Allama.cpp has a security loophole, which results from an integer spill in the gguf init from file impl function, which may lead to cross-border reading and writing.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Live Support

Published

2025-07-10

Last Modified

2026-02-24

References

https://github.com/ggml-org/llama.cpp/commit/26a48ad699d50b6268900062661bd22f3e792579 https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-vgg9-87g3-85w8 https://access.redhat.com/security/cve/cve-2025-53630 https://nvd.nist.gov/vuln/detail/CVE-2025-53630

Patch

https://github.com/ggml-org/llama.cpp/releases