
A significant security vulnerability (CVE-2024-50050) has been identified in Meta’s Llama large language model framework, potentially enabling unauthorized code execution on the llama-stack inference server. The flaw received a CVSS score of 6.3, though Snyk rated it at 9.3.
The vulnerability stems from unsafe deserialization of untrusted data in the Llama Stack component, which provides API interfaces for AI application development. The issue specifically affects the Python Inference API implementation, where Python objects received over the socket were automatically deserialized with pickle; because pickle reconstructs arbitrary objects, and can run code while doing so, feeding it data from an untrusted peer is a security risk.
Security researcher Avi Lumelsky explained that attackers could exploit this vulnerability by sending malicious serialized objects to exposed ZeroMQ sockets, potentially achieving remote code execution on the host machine.
Meta addressed the vulnerability in version 0.0.41 (October 10, 2024) by switching from pickle to JSON format for socket communication. The fix was also implemented in the pyzmq library.
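The pattern behind the fix, as an added illustration that is not Meta's or llama-stack's own code: the vulnerable shape (bytes from a socket handed straight to pickle) next to a hardened decoder that refuses pickle framing, parses the frame as JSON, and validates it against an explicit request schema before anything uses it. The schema fields (model, prompt, max_tokens), the frame size cap, and the sample frames are constructed assumptions for the example; the ZeroMQ transport itself is left out so the block runs offline on plain byte strings.

```python
import json
import pickle  # used only to build one constructed sample frame and to show the unsafe pattern

# Pickle protocol 2 and later open every stream with the PROTO opcode (0x80).
# Refusing that prefix is cheap defense in depth; the real protection is that
# the hardened path never calls pickle at all, so protocol 0/1 streams (which
# lack the prefix) simply fail JSON parsing instead.
PICKLE_PROTO_OPCODE = b"\x80"

# Hypothetical request schema for an inference call: field name -> required type.
REQUEST_SCHEMA = {"model": str, "prompt": str, "max_tokens": int}
MAX_FRAME_BYTES = 64 * 1024  # assumed cap on one request frame


class RejectedFrame(ValueError):
    """Raised when a frame is refused before or during deserialization."""


def unsafe_decode(raw: bytes):
    """The vulnerable pattern: whatever bytes arrive are given to pickle, which
    instantiates whatever objects the sender chose. Shown for contrast only;
    it is never called on the constructed frames below."""
    return pickle.loads(raw)


def is_pickle_frame(raw: bytes) -> bool:
    """Cheap pre-check: does this frame look like a pickle protocol >= 2 stream?"""
    return raw.startswith(PICKLE_PROTO_OPCODE)


def safe_decode(raw: bytes) -> dict:
    """Hardened counterpart: size cap, pickle-prefix refusal, JSON parse, then
    strict schema validation (exact key set, exact types, no bool-as-int)."""
    if len(raw) > MAX_FRAME_BYTES:
        raise RejectedFrame("frame exceeds size cap")
    if is_pickle_frame(raw):
        raise RejectedFrame("pickle frame refused")
    try:
        obj = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, json.JSONDecodeError) as exc:
        raise RejectedFrame(f"not valid JSON: {exc}") from exc
    if not isinstance(obj, dict):
        raise RejectedFrame("top-level value must be a JSON object")
    unexpected = set(obj) - set(REQUEST_SCHEMA)
    if unexpected:
        raise RejectedFrame(f"unexpected fields: {sorted(unexpected)}")
    for field, expected in REQUEST_SCHEMA.items():
        if field not in obj:
            raise RejectedFrame(f"missing field: {field}")
        value = obj[field]
        # bool is a subclass of int in Python, so reject it explicitly
        if isinstance(value, bool) or not isinstance(value, expected):
            raise RejectedFrame(f"field {field!r} has wrong type")
    return obj


# Constructed sample frames (not captured traffic) covering the cases that matter.
SAMPLE_FRAMES = {
    "good": json.dumps({"model": "demo-model", "prompt": "hello", "max_tokens": 16}).encode(),
    "pickled": pickle.dumps({"model": "demo-model"}),          # benign content, wrong format
    "extra_field": json.dumps({"model": "m", "prompt": "p", "max_tokens": 1, "__class__": "x"}).encode(),
    "wrong_type": json.dumps({"model": "m", "prompt": "p", "max_tokens": "16"}).encode(),
    "bool_as_int": json.dumps({"model": "m", "prompt": "p", "max_tokens": True}).encode(),
    "not_object": json.dumps(["m", "p", 1]).encode(),
}


def triage(frames: dict) -> dict:
    """Run safe_decode over each frame; return name -> (status, detail)."""
    results = {}
    for name, raw in frames.items():
        try:
            decoded = safe_decode(raw)
            results[name] = ("accepted", decoded)
        except RejectedFrame as exc:
            results[name] = ("rejected", str(exc))
    return results


if __name__ == "__main__":
    for name, (status, detail) in triage(SAMPLE_FRAMES).items():
        print(f"{name:<12} {status:<9} {detail}")
```

Only the "good" frame is accepted; the pickled frame is refused on its prefix before any parser sees it, and the remaining frames are valid JSON that still fail the schema, which is the point of validating after parsing rather than trusting the format switch alone.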
Related Security Concerns:
– A similar vulnerability was found in TensorFlow’s Keras framework in August 2024
– A DDoS vulnerability was discovered in OpenAI’s ChatGPT crawler
– Research revealed AI coding assistants sometimes recommend unsafe practices like hard-coding API keys
Security experts emphasize that LLMs are evolving existing cyber threats rather than creating new ones, making attacks more efficient and accurate. Recent developments include ShadowGenes, a method for identifying a model's genealogy, which helps organizations better manage the security of their AI infrastructure.