A critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by threat actors to achieve arbitrary code execution.
Tracked as CVE-2024-34359 (CVSS score: 9.7), the flaw has been codenamed Llama Drama by software supply chain security firm Checkmarx.
“If exploited, it could allow attackers to execute arbitrary code on your system, compromising data and operations,” security researcher Guy Nachshon said.
llama_cpp_python, a Python binding for the llama.cpp library, is a popular package with over 3 million downloads to date, allowing developers to integrate AI models with Python.
Security researcher Patrick Peng (retr0reg) has been credited with discovering and reporting the flaw, which has been addressed in version 0.2.72.
The core issue stems from the misuse of the Jinja2 template engine within the llama_cpp_python package, allowing for server-side template injection that leads to remote code execution by means of a specially crafted payload.
“The exploitation of this vulnerability can lead to unauthorized actions by attackers, including data theft, system compromise, and disruption of operations,” Checkmarx said.
“The discovery of CVE-2024-34359 serves as a stark reminder of the vulnerabilities that can arise at the confluence of AI and supply chain security. It highlights the need for vigilant security practices throughout the lifecycle of AI systems and their components.”
Code Execution Flaw in PDF.js
The development follows the discovery of a high-severity flaw in Mozilla’s PDF.js JavaScript library (CVE-2024-4367) that could allow the execution of arbitrary code.
“A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context,” Mozilla said in an advisory.
Codean Labs, which characterized the flaw as an “oversight in a specific part of the font rendering code,” said it permits an attacker to execute JavaScript code as soon as a malware-laced PDF document is opened in the Firefox browser.
The issue has been addressed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11 shipped last week. It has also been resolved in the npm module pdfjs-dist version 4.2.67 released on April 29, 2024.
“Most wrapper libraries like react-pdf have also released patched versions,” security researcher Thomas Rinsma said. “Because some higher level PDF-related libraries statically embed PDF.js, we recommend recursively checking your node_modules folder for files called pdf.js to be sure.”
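The recursive check recommended above can be scripted. The following is an added example, not code from the article, Codean Labs or Mozilla: it walks a directory tree for files named pdf.js and compares any embedded version against the fixed pdfjs-dist release 4.2.67. It assumes the build file carries a `pdfjsVersion = "x.y.z"` string; files without one are reported as unknown for manual review.

```python
import os
import re
import sys

FIXED = (4, 2, 67)  # pdfjs-dist release the article names as resolving CVE-2024-4367
# Assumption: PDF.js build files contain a line such as  pdfjsVersion = "3.11.174"
VERSION_RE = re.compile(r"pdfjsVersion\s*=\s*['\"](\d+)\.(\d+)\.(\d+)['\"]")

def embedded_version(path, limit=8_000_000):
    """Return the (major, minor, patch) embedded in a pdf.js file, or None."""
    try:
        with open(path, "r", encoding="utf-8", errors="replace") as fh:
            match = VERSION_RE.search(fh.read(limit))
    except OSError:
        return None
    return tuple(int(part) for part in match.groups()) if match else None

def scan(root):
    """Yield (path, version, status) for every file named pdf.js under root."""
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            if name != "pdf.js":
                continue
            path = os.path.join(dirpath, name)
            version = embedded_version(path)
            if version is None:
                status = "unknown"   # no version string found: review by hand
            elif version < FIXED:
                status = "outdated"  # older than the fixed release
            else:
                status = "ok"
            yield path, version, status

def main(argv):
    root = argv[1] if len(argv) > 1 else "node_modules"
    findings = sorted(scan(root))
    for path, version, status in findings:
        shown = ".".join(map(str, version)) if version else "?"
        print(f"{status:9} {shown:10} {path}")
    # Non-zero exit lets a CI job fail when anything needs attention.
    return 1 if any(status != "ok" for _, _, status in findings) else 0

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it from the project root, or pass the directory to scan as the first argument.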