Vulnerability Details CVE-2024-41130
llama.cpp provides LLM inference in C/C++. Prior to b3427, llama.cpp contains a null pointer dereference in gguf_init_from_file. This vulnerability is fixed in b3427.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.8%
CVSS Severity
CVSS v3 Score 5.4
References
- https://github.com/ggerganov/llama.cpp/commit/07283b1a90e1320aae4762c7e03c879043910252
- https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-49q7-2jmh-92fp
- https://github.com/ggerganov/llama.cpp/commit/07283b1a90e1320aae4762c7e03c879043910252
- https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-49q7-2jmh-92fp