CVE-2024-42479 - The Critical Vulnerability in llama.cpp, Explained, and Fixed in b3561

CVE-2024-42479 is a high-priority security vulnerability impacting llama.cpp, a file that provides LLM inference in C/C++. The vulnerability resides in the unsafe data pointer member found within the rpc_tensor structure, which can lead to the execution of arbitrary code on a vulnerable system. This long-read post will explore the CVE, explain the code snippet where the issue occurs, and provide links to original references, as well as details on the fixed version b3561.

About llama.cpp

llama.cpp is a C/C++ implementation enabling LLM inference capabilities. If exploited, this vulnerability permits an attacker to overwrite an arbitrary address in memory, potentially allowing them to perform an arbitrary code execution attack and take control of a vulnerable system. Implementations that use the vulnerable version of llama.cpp are advised to upgrade to the fixed version b3561.

Code snippet for llama.cpp involving unsafe data pointer

struct rpc_tensor {
    int ndim;
    unsigned int *shape;
    void *data;
}; 

void llama_rpc_handler (rpc_request request) {
    ...
    struct rpc_tensor tensor;
    tensor.ndim = request.values.ndim;
    tensor.shape = (unsigned int *) malloc(sizeof(unsigned int) * tensor.ndim);
    memcpy(tensor.shape, request.values.shape, sizeof(unsigned int) * tensor.ndim);
    tensor.data = request.values.data;
    ...
}

In this code snippet, the rpc_tensor structure is defined with an unsafe data pointer. When this pointer is passed to the llama_rpc_handler, there is no validation or sanitation of the address, enabling arbitrary writes to memory and the possibility of remote code execution attacks.

Original references

- CVE-2024-42479 Details

The exploit

An attacker could craft a malicious rpc_request with a crafted values.data address to overwrite an arbitrary memory location. This exploit could, in turn, lead to remote code execution on the targeted machine if careful attention is not given to verifying the data pointer's memory address.

Fixed version b3561

Thankfully, the vulnerability has been addressed in the fixed version of b3561. The recommendation is to update your implementation of llama.cpp to this version, in order to mitigate the risk associated with CVE-2024-42479.

Download the latest release from the official source (e.g. an appropriate GitHub repository)

2. Replace the existing version of llama.cpp in your project with the fixed version (maintaining any custom modifications, if necessary)

Conclusion

CVE-2024-42479 is an alarming vulnerability found in the LLM inference implementation in llama.cpp, specifically involving the unsafe data pointer member within the rpc_tensor structure. This puts systems at risk of arbitrary code execution due to unchecked memory address write operations. Developer awareness and appropriate upgrading to the fixed version b3561 are crucial to mitigating possible attacks.

For additional information, please refer to the official CVE documentation

- National Vulnerability Database

Timeline

Published on: 08/12/2024 15:15:21 UTC
Last modified on: 08/15/2024 14:03:53 UTC