www.belgium.be Logo of the federal government

Warning: Critical Vulnerability In LLaMa Allows For Remote Code Execution, Patch Immediately!

Reference: 
Advisory #2024-204
Version: 
1.0
Affected software: 
llama_cpp_python lower than release b3561
Type: 
Arbitrary address writing remote code execution
CVE/CVSS: 

CVE-2024-42479: CVSS v3 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Sources

NIST: https://nvd.nist.gov/vuln/detail/CVE-2024-42479
 

Risks

Threat actors can execute malicious code on affected systems remotely. Such as writing data to arbitrary memory locations and this can serve as a foundation for a wide range of exploits, including those leading to remote code execution.

The vulnerability has a high impact on confidentiality, integrity, and availability.

Description

The vulnerability stems from a “Write-what-where” condition in the “rpc_server::set_tensor” function. This condition arises from the unsafe handling of data pointers within the “rpc_tensor” structure, potentially enabling attackers to write data to arbitrary memory locations.

A proof-of-concept exploit has been published along with a technical breakdown.

Recommended Actions

Patch

The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing. The vulnerability has been patched in version b3561 of the llama_cpp_python package.

Monitor/Detect

The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://cert.be/en/report-incident

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.

References

GitHub: https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-wcr5-566p-9cwj
Fixed version: https://github.com/ggerganov/llama.cpp/releases/tag/b3561