Remote Code Execution in llama.cpp - Affected by Insecure RPC Backend
CVE-2026-34159
Key Information:
Badges
What is CVE-2026-34159?
CVE-2026-34159 is a serious vulnerability identified in the llama.cpp software, which is an inference framework for various large language models (LLMs) implemented in C/C++. This vulnerability arises from an insecure Remote Procedure Call (RPC) backend, specifically in the deserialize_tensor() function. Before version b8492, this function fails to perform necessary bounds validation when processing tensor buffer fields that are zero. As a result, an unauthenticated attacker can exploit this flaw to read and write arbitrary memory within the affected process by sending specially crafted GRAPH_COMPUTE messages. This would allow the attacker to bypass Address Space Layout Randomization (ASLR) protections, enabling remote code execution without any authentication, simply requiring TCP access to the RPC server's port.
The exploitation of this vulnerability poses significant risks to organizations using llama.cpp, as it can lead to complete system compromise, exposing sensitive data and critical infrastructure to unauthorized control.
Potential impact of CVE-2026-34159
-
Remote Code Execution: The most significant impact of this vulnerability is the ability for attackers to execute arbitrary code on affected systems. This can lead to complete control over the host, allowing for data exfiltration, manipulation, or further infiltration into connected networks.
-
Unauthorized Memory Access: Attackers can read and write to arbitrary memory locations, which could result in data breaches, theft of sensitive information, or the planting of malicious software to maintain persistent access.
-
Lack of Authentication: As the vulnerability allows for exploitation without requiring any form of authentication, it considerably increases the threat surface. Any actor with network access to the RPC server can potentially exploit the flaw, making it easier for malicious entities to target systems running llama.cpp.
Affected Version(s)
llama.cpp < b8492
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.