CVE-2024-42479 Information

Description

llama.cpp provides LLM inference in C/C++. The unsafe data pointer member in the rpc_tensor structure can cause arbitrary address writing. This vulnerability is fixed in b3561.

Reference

https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-wcr5-566p-9cwj https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b