Cyber Resilience

CVE-2024-42478

MediumPublic PoC

Published: 12 August 2024

Published
12 August 2024
Modified
27 April 2026
KEV Added
Patch
CVSS Score v3.1 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score 0.0049 66.0th percentile
Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-42478 is a medium-severity Out-of-bounds Read (CWE-125) vulnerability in Ggml Llama.Cpp. Its CVSS base score is 5.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked in the top 34.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as NLP and Transformers; in the Privacy and Disclosure risk domain; MITRE ATLAS techniques in scope: AML.T0022, Obtain Capabilities (AML.T0016).

EU & UK References

Vulnerability details

llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address reading. This vulnerability is fixed in b3561.

CWE(s)

AI Security AnalysisAI

AI Category
NLP and Transformers
Risk Domain
Privacy and Disclosure
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
llama.cpp is a C/C++ inference engine specifically for large language models (LLMs), which are transformer-based architectures central to NLP tasks.

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
T1212 Exploitation for Credential Access Credential Access
Adversaries may exploit software vulnerabilities in an attempt to collect credentials.
Why these techniques?

The unsafe data pointer enables arbitrary memory read from the llama.cpp process, facilitating collection of data from local system process memory (T1005) and exploitation to access credentials if stored in memory (T1212).

MITRE ATLAS TechniquesAI

MITRE ATLAS techniques

AML.T0022AML.T0016: Obtain Capabilities

Affected Assets

ggml
llama.cpp
≤ b3561

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References