Critical "Llama Drama" vulnerability (CVE-2024-34359) in Llama-cpp-Python package. Upgrade to version 0.2.72 to secure against RCE risks.
Discovered by Patrick Peng retr0reg, the critical vulnerability CVE-2024-34359 has been found in the “llama_cpp_python” Python package.
The discovery of this critical vulnerability, also known as the Llama Drama, was found in the Llama-cpp-Python AI package, posing a significant threat to the software supply chain.
Here’s what you need to know about CVE-2024-34359, its implications, and how organizations can protect themselves against it.
| Affected products: | Llama-cpp-Python package in Hugging Face |
| Product category: | Integrated AI Vulnerability |
| Severity: | Critical |
| Type: | Backdoor to achieve Remote Code Execution (RCE) |
| Impact: | Confidentiality (H), Integrity (H), Availability (H) |
| PoC: | https://huggingface.co/Retr0REG/Whats-up-gguf |
| Exploit in the wild | No current evidence |
| CISA Catalog | No |
| Remediation action | Upgrade to version 0.2.72 |
| MITRE advisory |
CVE-2024-34359 is a critical vulnerability discovered in the Llama-cpp-Python AI package. This package is widely used in various applications for its AI integration capabilities.
The vulnerability allows threat actors to execute arbitrary code remotely, potentially leading to unauthorized access, data breaches, and other malicious activities.
The Llama Drama flaw originates from a lack of input validation in certain functions of the package, allowing attackers to craft malicious inputs that exploit this weakness. When these inputs are processed by the affected functions, it triggers the execution of unauthorized commands, bypassing intended security measures.
With over 6k AI models on HuggingFace using llama_cpp_python and Jinja2 being vulnerable, the bug allows attackers to execute arbitrary code from the misuse of the Jinja2 template engine.
This vulnerability underscores the importance of security in AI systems and software supply chain.
If your organization utilizes the Llama-cpp-Python AI package or any software that integrates this package, then CVE-2024-34359 poses a direct risk to your systems. It’s crucial to assess your software stack and identify any dependencies on vulnerable versions of the Llama-cpp-Python package.
Even if you don’t directly use this package, it’s essential to stay informed as vulnerabilities in widely used components can have cascading effects across the software supply chain.
As of our latest knowledge, there haven’t been reported instances of CVE-2024-34359 being actively exploited in the wild. However, the critical nature of this vulnerability and its potential impact on the software supply chain highlight the urgency of addressing it promptly.
As AI technology increasingly integrates into critical applications, it is crucial to prioritize a security-first approach in building and maintaining these systems to protect against potential threats that could compromise the benefits of the technology.
Security researchers and organizations are actively monitoring for any signs of exploitation and working on mitigation strategies to prevent potential attacks.
Mitigating CVE-2024-34359 requires immediate action to secure your systems and protect against potential threats. A fix for the vulnerability has been issued in version 0.2.72.
Here are steps you can take to address this vulnerability:
Each new vulnerability is a reminder of where we stand and what we need to do better. Check out the following resources to help you maintain cyber hygiene and stay ahead of the threat actors:
Set up in minutes to aggregate and prioritize cyber risk across all your assets and attack vectors.
“The only free RBVM tool out there The only free RBVM tool lorem ipsum out there. The only”.
Name Namerson
Head of Cyber Security Strategy
