MLX Wild Pointer Dereference Vulnerability in GGUF File Loading
Vulnerability
A segmentation fault vulnerability has been identified in MLX versions prior to 0.29.4. The issue arises in the 'mlx::core::load_gguf()' function when malicious GGUF files are loaded. An untrusted pointer from the external gguflib library is dereferenced without proper validation, leading to an application crash. This vulnerability affects MLX users on all platforms who use the 'load_gguf' method with unsanitized input.
Impact
Exploitation of this vulnerability causes a segmentation fault, leading to an application crash. This type of error is uncatchable by exception handlers, causing the program to terminate abruptly.
Reproduction
The vulnerability can be reproduced by installing MLX and using the 'load' function to load a malicious GGUF file, such as one containing exploited model weights. The AddressSanitizer output will indicate a segmentation fault caused by an invalid memory access, demonstrating the impact of the vulnerability.
Remediation
Users can upgrade to MLX version 0.29.4 or later, where this vulnerability has been patched.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.