A critical vulnerability in the llama-cpp-python package affects over 6,000 AI models, allowing remote code execution through an improper Jinja2 template-engine implementation and opening the door to supply chain attacks. The flaw, CVE-2024-34359, discovered by Patrick Peng, permits injection of malicious templates that could compromise models distributed in the .gguf format, popular on Hugging Face.

6K-plus AI models affected by critical RCE vulnerability

Peng's proof-of-concept exploit demonstrates how attackers could inject code, posing risks to unsuspecting AI developers. The fix in version 0.2.72 of llama-cpp-python emphasizes input validation and sandboxing. Checkmarx points out the necessity of a security-first approach in AI systems to prevent vulnerabilities in AI and the software supply chain.
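The sandboxing and input-validation idea behind the fix, as an added example that is not llama-cpp-python's or Checkmarx's code: a chat template read from .gguf metadata is untrusted input, so it is rendered with Jinja2's own sandbox rather than a full Environment. The templates and messages below are constructed samples; the choice of ImmutableSandboxedEnvironment plus StrictUndefined is this example's assumption about how to harden, not a copy of the project's fix.

```python
# Added example (not llama-cpp-python's or Checkmarx's code). A chat template
# read from .gguf metadata is untrusted input; the constructed templates below
# stand in for such metadata. Using ImmutableSandboxedEnvironment here is an
# assumption about the hardening approach, not a copy of the project's code.
from jinja2 import Environment, StrictUndefined
from jinja2.exceptions import SecurityError
from jinja2.sandbox import ImmutableSandboxedEnvironment

# Constructed sample: a benign chat template that only formats messages.
BENIGN_TEMPLATE = (
    "{% for m in messages %}<|{{ m['role'] }}|>{{ m['content'] }}\n{% endfor %}"
)
# Constructed sample: a template that reaches for Python internals rather than
# formatting text. Used only to check that the sandbox refuses it.
INTROSPECTION_TEMPLATE = "{{ messages[0]['content'].__class__ }}"
# Constructed sample: a template that tries to mutate the caller's data.
MUTATION_TEMPLATE = "{{ messages.append('injected') }}"

MESSAGES = [{"role": "user", "content": "hello"}]


def render_unsafe(template_src: str, messages: list) -> str:
    """Pre-fix pattern: untrusted metadata rendered with a full Environment.
    Attribute lookups such as __class__ succeed and are rendered verbatim."""
    return Environment().from_string(template_src).render(messages=messages)


def render_sandboxed(template_src: str, messages: list) -> str:
    """Hardened pattern. ImmutableSandboxedEnvironment refuses underscore and
    internal attributes and any method that would mutate known mutable types;
    StrictUndefined turns that refusal into a SecurityError at render time
    instead of silently emitting an empty string."""
    env = ImmutableSandboxedEnvironment(undefined=StrictUndefined)
    return env.from_string(template_src).render(messages=messages)


def is_template_safe(template_src: str, messages: list) -> bool:
    """Input-validation step: trial-render in the sandbox before trusting a
    template taken from model metadata. Returns False if the sandbox objects."""
    try:
        render_sandboxed(template_src, messages)
    except SecurityError:
        return False
    return True
```

A template that references a variable the runtime does not supply raises UndefinedError rather than SecurityError, so trial-render with the same variables the real chat formatter passes.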
https://www.scmagazine.com/news/6k-plus-ai-models-may-be-affected-by-critical-rce-vulnerability