Hugging Face's logo

xiaoyaoes
/
llama-cpp-gguf-alignment-overflow-poc

Text Generation
GGUF
llama
Model card Files
xet
 Community
llama-cpp-gguf-alignment-overflow-poc / README.md
xiaoyaoes's picture
xiaoyaoes
Upload README.md with huggingface_hub
3c3f190 verified
preview code
|
raw
history blame contribute delete
819 Bytes
metadata 
tags:
  - llama
  - gguf
  - text-generation
license: mit

GGUF Alignment Exploit (V-01 PoC)

This repository contains proof-of-concept GGUF files demonstrating an unpatched critical vulnerability (V-01) in llama.cpp's GGUF parser.

Files

  • model.gguf — Malicious GGUF with general.alignment = 0x80000000
  • benign_model.gguf — Normal GGUF with general.alignment = 32

Vulnerability

The general.alignment field in GGUF files is validated only for power-of-2 and non-zero, but has NO upper bound check. Setting it to very large values (e.g., 0x80000000) causes:

  • Integer overflow in GGML_PAD() macro on 32-bit systems
  • Arbitrary file seek + out-of-bounds read
  • Potential heap corruption

This affects ALL llama.cpp versions and ALL downstream tools (ollama, LM Studio, llama-cpp-python, etc.)