Security researchers find way to abuse Meta’s Llama LLM for remote code execution
Meta addressed the problem in early October 2024
The problem was using pickle as a serialization format for socket communication
Meta’s Llama Large Language Model (LLM) had a vulnerability which could have allowed threat actors to execute arbitrary code on the flawed server, experts have warned.
Cybersecurity researchers from Oligo Security published an in-depth analysis about a bug tracked as CVE-2024-50050, which according to the National Vulnerability Database (NVD), carries a severity score of 6.3 (medium).