YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
GGUF Stride Overflow PoC
Security Research β Vulnerability Proof of Concept
Vulnerability: Integer Overflow in GGUF Tensor Stride Calculations (CWE-190 β CWE-122)
The GGUF parser in ggml validates that tensor element counts fit in int64_t but does NOT validate that byte-level stride calculations (nb[]) fit in size_t.
A malicious GGUF file can craft tensor dimensions where:
ne[0]passes the INT64_MAX element count checknb[1] = type_size * ne[0]overflowssize_tto a small valueggml_nbytes()returns the overflowed (small) value- A tiny buffer is allocated for a tensor claiming billions of elements
- Consumer code accessing tensor data triggers heap buffer overflow
Files
malicious.ggufβ Malicious GGUF file (576 bytes)poc.pyβ Generator script
Impact
Heap buffer overflow (read/write) when loading a crafted .gguf model file with no_alloc=false.
Affects all GGML-based inference engines (llama.cpp, whisper.cpp, etc.).
- Downloads last month
- 5
Hardware compatibility
Log In to add your hardware
We're not able to determine the quantization variants.
Inference Providers NEW
This model isn't deployed by any Inference Provider. π Ask for provider support