You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

Security PoC β€” llama.cpp GGUF array element-type confusion (heap OOB read)

This repository does NOT contain a usable model. The .gguf files here are tiny, deliberately-malformed GGUF files that serve as a security proof-of-concept for a memory-safety bug in ggml-org/llama.cpp's tokenizer/vocab loader. They are uploaded here solely to support a coordinated vulnerability disclosure via huntr. They trigger a heap out-of-bounds read at model-load time.

What the bug is

gguf_get_arr_data() returns the raw backing buffer of a GGUF array and asserts only that the element type is not STRING. Several consumers in llama.cpp cast that buffer to a 4-byte element type (float / int32) after validating only the array count, never the element type. A crafted GGUF that declares a tokenizer array (e.g. tokenizer.ggml.scores) with a 1-byte element type (INT8) backs only count Γ— 1 bytes, but the consumer reads count Γ— 4 bytes β†’ heap out-of-bounds read (CWE-125) at model load. The over-read magnitude is attacker-controlled (a large declared token count forces a hundreds-of-KB over-read β†’ reliable DoS). Observed impact is an out-of-bounds read (DoS); no write primitive observed, no RCE claimed.

Downloads last month
-
GGUF
Model size
0 params
Architecture
llama
Hardware compatibility
Log In to add your hardware

We're not able to determine the quantization variants.

Inference Providers NEW
This model isn't deployed by any Inference Provider. πŸ™‹ Ask for provider support