all AI news logo
all AI news - Your AI news aggregator
Log in Sign up
all AI news

GGML GGUF File Format Vulnerabilities

Add to bookmarks
s
March 26, 2024, 6:47 a.m. |

Simon Willison's Weblog simonwillison.net

GGML GGUF File Format Vulnerabilities


The GGML and GGUF formats are used by llama.cpp to package and distribute model weights.


Neil Archibald: "The GGML library performs insufficient validation on the input file and, therefore, contains a selection of potentially exploitable memory corruption vulnerabilities during parsing."


These vulnerabilities were shared with the library authors on 23rd January and patches landed on the 29th.


If you have a llama.cpp or llama-cpp-python installation that's more than a month old you should upgrade ASAP.

ai authors corruption cpp file format generativeai library llama llms memory neil package parsing security validation vulnerabilities

Visit resource

More from simonwillison.net / Simon Willison's Weblog

Si
Spam, junk … slop? The latest wave of AI behind the ‘zombie internet’ 21 hours ago | simonwillison.net
ai ethics generativeai internet +7
Si
NumFOCUS DISCOVER Cookbook: Minimal Measures 22 hours ago | simonwillison.net
accessibility collection conferences diversity +8
Si
Fast groq-hosted LLMs vs browser jank 1 day, 3 hours ago | simonwillison.net
browser browsers callback every +12
Si
A Plea for Sober AI 1 day, 16 hours ago | simonwillison.net
ai drewbreunig generativeai good +6
Si
AI counter app from my PyCon US keynote 2 days, 1 hour ago | simonwillison.net
ai app artificial artificial intelligence +11
Si
Quoting Patrick Reynolds 2 days, 14 hours ago | simonwillison.net
building change codebase data +2
Si
Understand errors and warnings better with Gemini 2 days, 18 hours ago | simonwillison.net
ai applications chrome chrome devtools +23
Si
Commit: Add a shared credentials relationship from twitter.com to x.com 2 days, 20 hours ago | simonwillison.net
apple json manager password +5
Si
Quoting Kelsey Piper 2 days, 21 hours ago | simonwillison.net
agreement ai document employee +6

Jobs in AI, ML, Big Data

Post a Job Search Talent

Software Engineer for AI Training Data (School Specific)

@ G2i Inc | Remote
View on ai-jobs.net

Software Engineer for AI Training Data (Python)

@ G2i Inc | Remote
View on ai-jobs.net

Software Engineer for AI Training Data (Tier 2)

@ G2i Inc | Remote
View on ai-jobs.net

Data Engineer

@ Lemon.io | Remote: Europe, LATAM, Canada, UK, Asia, Oceania
View on ai-jobs.net

Artificial Intelligence – Bioinformatic Expert

@ University of Texas Medical Branch | Galveston, TX
View on ai-jobs.net

Lead Developer (AI)

@ Cere Network | San Francisco, US
View on ai-jobs.net