CVE-2024-32878
Published: 26 April 2024
Summary
CVE-2024-32878 is a high-severity Missing Initialization of a Variable (CWE-456) vulnerability in Ggml Llama.Cpp. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked in the top 49.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as NLP and Transformers; in the LLM/Generative AI Risks risk domain; MITRE ATLAS techniques in scope: External Harms (AML.T0048).
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-30655
Vulnerability details
Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in gguf_init_from_file, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully…
more
constructed, it may be possible to control this uninitialized value and cause arbitrary address free problems. This may further lead to be exploited. Causes llama.cpp to crash (DoS) and may even lead to arbitrary code execution (RCE). This vulnerability has been patched in commit b2740.
- CWE(s)
AI Security AnalysisAI
- AI Category
- NLP and Transformers
- Risk Domain
- LLM/Generative AI Risks
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Llama.cpp is a C/C++ library for LLM inference, specifically handling transformer-based models like Llama using GGUF format. The vulnerability occurs in model file loading (gguf_init_from_file), directly tied to LLM inference in the NLP/Transformers domain.
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The uninitialized heap variable vulnerability in llama.cpp enables exploitation for client execution (T1203) via potential arbitrary code execution when processing malicious GGUF files, and facilitates endpoint denial of service (T1499.004) through application crashes.
MITRE ATLAS TechniquesAI
MITRE ATLAS techniques
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.