• Bug#1109124: llama.cpp: CVE-2025-53630

    From Salvatore Bonaccorso@21:1/5 to All on Fri Jul 11 21:30:01 2025
    Source: llama.cpp
    Version: 5760+dfsg-4
    Severity: grave
    Tags: security upstream
    X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

    Hi,

    The following vulnerability was published for llama.cpp.

    CVE-2025-53630[0]:
    | llama.cpp is an inference of several LLM models in C/C++. Integer
    | Overflow in the gguf_init_from_file_impl function in
    | ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This
    | vulnerability is fixed in commit
    | 26a48ad699d50b6268900062661bd22f3e792579.


    If you fix the vulnerability please also make sure to include the
    CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

    For further information see:

    [0] https://security-tracker.debian.org/tracker/CVE-2025-53630
    https://www.cve.org/CVERecord?id=CVE-2025-53630
    [1] https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-vgg9-87g3-85w8
    [2] https://github.com/ggml-org/llama.cpp/commit/26a48ad699d50b6268900062661bd22f3e792579

    Please adjust the affected versions in the BTS as needed.

    Regards,
    Salvatore

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
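The bug class named in the CVE text above (a length-prefixed binary format whose element count is multiplied by an element size, wraps, and yields an undersized heap buffer that a later copy overruns), shown with an added example. This is not llama.cpp's or ggml's code, does not reproduce the GGUF layout, and does not claim to be the exact condition fixed in the referenced commit; the on-disk layout, the Reader struct and the function names are assumptions made for the illustration only.

```cpp
// Added illustration (not llama.cpp/ggml code): integer overflow in a
// count * element_size computation, and the check that closes it.
#include <cstdint>
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <limits>
#include <vector>

// Assumed layout for this example only:
//   uint64_t n            -- element count, attacker controlled
//   uint8_t  data[n * es] -- n elements of es bytes each
struct Reader {
    const uint8_t *p;
    size_t remaining;
};

static bool read_u64(Reader &r, uint64_t &out) {
    if (r.remaining < sizeof(out)) return false;
    std::memcpy(&out, r.p, sizeof(out));
    r.p += sizeof(out);
    r.remaining -= sizeof(out);
    return true;
}

// Vulnerable pattern: the byte count is computed with unchecked
// multiplication. For a large n the product wraps to a small value, the
// allocation that follows is tiny, and a copy loop driven by n runs off
// the end of it. Only the wrapped size is returned here; the out-of-bounds
// copy itself is deliberately not performed.
static uint64_t naive_nbytes(uint64_t n, uint64_t elem_size) {
    return n * elem_size;   // unsigned wrap-around: (2^61 + 1) * 8 == 8
}

// Hardened pattern: reject a count whose byte size would wrap size_t or
// exceed the bytes left in the input, before any allocation happens.
static bool checked_nbytes(uint64_t n, size_t elem_size, size_t remaining,
                           size_t &nbytes) {
    if (elem_size == 0) return false;
    if (n > std::numeric_limits<size_t>::max() / elem_size) return false; // would wrap
    nbytes = (size_t)n * elem_size;
    if (nbytes > remaining) return false; // header claims more data than exists
    return true;
}

// Parse one array from an in-memory file image; false means rejected.
static bool parse_array(const std::vector<uint8_t> &file, size_t elem_size,
                        std::vector<uint8_t> &out) {
    Reader r{file.data(), file.size()};
    uint64_t n = 0;
    if (!read_u64(r, n)) return false;
    size_t nbytes = 0;
    if (!checked_nbytes(n, elem_size, r.remaining, nbytes)) return false;
    out.assign(r.p, r.p + nbytes);
    return true;
}

// Build a constructed file image: count header followed by payload bytes.
static std::vector<uint8_t> make_file(uint64_t n,
                                      const std::vector<uint8_t> &payload) {
    std::vector<uint8_t> f(sizeof(n));
    std::memcpy(f.data(), &n, sizeof(n));
    f.insert(f.end(), payload.begin(), payload.end());
    return f;
}

int main() {
    const uint64_t huge = (1ULL << 61) + 1;           // constructed hostile count
    std::printf("naive nbytes for %llu * 8 = %llu\n",
                (unsigned long long)huge,
                (unsigned long long)naive_nbytes(huge, 8));
    std::vector<uint8_t> out;
    std::printf("checked parse of hostile file: %s\n",
                parse_array(make_file(huge, {1, 2, 3, 4}), 8, out) ? "accepted" : "rejected");
    std::printf("checked parse of sane file: %s (%zu bytes)\n",
                parse_array(make_file(2, {1, 2, 3, 4, 5, 6, 7, 8}), 4, out) ? "accepted" : "rejected",
                out.size());
    return 0;
}
```

The division-based bound is the portable way to test the multiplication; a check of the form `n * elem_size < n` after the fact is not equivalent, because the wrapped product can still be larger than n. The second check, against the bytes actually remaining, is what stops a count that fits in size_t but still exceeds the file from driving an over-read.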
  • From Debian Bug Tracking System@21:1/5 to Salvatore Bonaccorso on Fri Jul 11 23:50:01 2025

    Your message dated Fri, 11 Jul 2025 23:43:40 +0200
    with message-id <[email protected]>
    and subject line Re: Bug#1109124: llama.cpp: CVE-2025-53630
    has caused the Debian Bug report #1109124,
    regarding llama.cpp: CVE-2025-53630
    to be marked as done.

    This means that you claim that the problem has been dealt with.
    If this is not the case it is now your responsibility to reopen the
    Bug report if necessary, and/or fix the problem forthwith.

    (NB: If you are a system administrator and have no idea what this
    message is talking about, this may indicate a serious mail system
    misconfiguration somewhere. Please contact [email protected]
    immediately.)


    --
    1109124: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109124
    Debian Bug Tracking System
    Contact [email protected] with problems

  • From Salvatore Bonaccorso@21:1/5 to Christian Kastner on Sun Jul 13 08:00:01 2025
    Hi Christian,

    On Sat, Jul 12, 2025 at 12:04:34AM +0200, Christian Kastner wrote:
    > On 2025-07-11 21:19, Salvatore Bonaccorso wrote:
    >> The following vulnerability was published for llama.cpp.
    >>
    >> CVE-2025-53630[0]:
    >> | llama.cpp is an inference of several LLM models in C/C++. Integer
    >> | Overflow in the gguf_init_from_file_impl function in
    >> | ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write.
    >
    > This is a bit of an interesting situation as the fix went into the ggml
    > embedded into llama.cpp, but it hasn't been synced up to main ggml yet.
    > And because there is also an ABI break, the newest llama.cpp doesn't
    > build with the old ggml.
    >
    > I'll ask upstream for a sync, and to automatically do so in future if a
    > CVE gets reported.
    >
    > Nevertheless, I really need to figure out a better way to deal with the
    > llama.cpp, whisper.cpp, and ggml triad. Re-embedding isn't an option as
    > the ggml build is already pretty complicated by itself, adding another
    > layer would be a pain.

    Thanks. The gguf.cpp as embedded in llama.cpp is compiled and used,
    is that correct? Do we use the external ggml in the system?

    Regards,
    Salvatore
