Cyber Resilience

CVE-2024-42479

CriticalPublic PoC

Published: 12 August 2024

Published
12 August 2024
Modified
27 April 2026
KEV Added
Patch
CVSS Score v3.1 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0568 90.6th percentile
Risk Priority 23 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-42479 is a critical-severity Write-what-where Condition (CWE-123) vulnerability in Ggml Llama.Cpp. Its CVSS base score is 10.0 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 9.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as NLP and Transformers; in the Other ATLAS/OWASP Terms risk domain; MITRE ATLAS techniques in scope: External Harms (AML.T0048).

Deeper analysis

llama.cpp, a C/C++ library providing LLM inference, is affected by CVE-2024-42479, a flaw in the rpc_tensor structure. The unsafe data pointer member permits arbitrary address writing, corresponding to CWE-123 and CWE-787, and carries a CVSS 3.1 score of 10.0 reflecting network-reachable impact with high consequences for confidentiality, integrity, and availability plus scope change.

An unauthenticated remote attacker can supply crafted RPC data to trigger the write primitive, achieving arbitrary memory modification that may lead to code execution or full host compromise in affected deployments.

The issue is resolved in commit b3561, per the associated GitHub security advisory GHSA-wcr5-566p-9cwj, which directs users to apply the patch.

EPSS remains low at a current value of 0.0568 with a peak of 0.0586 and shows no material rise; the vulnerability is relevant to AI/ML environments that expose llama.cpp RPC interfaces for distributed inference.

EU & UK References

Vulnerability details

llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561.

CWE(s)

AI Security AnalysisAI

AI Category
NLP and Transformers
Risk Domain
Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
llama.cpp is a C/C++ library specifically for LLM (Large Language Model) inference, which relies on transformer architectures central to NLP tasks.

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Arbitrary address writing via unsafe data pointer in rpc_tensor enables remote code execution for initial access when exploiting a public-facing llama.cpp server and facilitates privilege escalation through memory corruption.

MITRE ATLAS TechniquesAI

MITRE ATLAS techniques

AML.T0048: External Harms

Affected Assets

ggml
llama.cpp
≤ b3561

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-123 CWE-787

Write-what-where primitives are neutralized when the attacker cannot execute the memory they control.

References