Meta Llama LLM security flaw could let hackers easily breach systems and spread malware

News
By
published

Researchers found a way to abuse Meta's Llama LLM

A person holding out their hand with a digital AI symbol.
(Image credit: Shutterstock / LookerStudio)
  • Security researchers find way to abuse Meta's Llama LLM for remote code execution
  • Meta addressed the problem in early October 2024
  • The problem was using pickle as a serialization format for socket communication

Meta's Llama Large Language Model (LLM) had a vulnerability which could have allowed threat actors to execute arbitrary code on the flawed server, experts have warned.

Cybersecurity researchers from Oligo Security published an in-depth analysis about a bug tracked as CVE-2024-50050, which according to the National Vulnerability Database (NVD), carries a severity score of 6.3 (medium).

The bug was discovered in a component called Llama Stack, designed to optimize the deployment, scaling, and integration of large language models.

Meta issues a fix

Oligo described the affected version as “vulnerable to deserialization of untrusted data, meaning that an attacker can execute arbitrary code by sending malicious data that is deserialized."

NVD describes the flaw like this: “Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 used pickle as a serialization format for socket communication, potentially allowing for remote code execution”.

“Socket communication has been changed to use JSON instead,” it added.

The researchers tipped Meta off about the bug on September 24, and the company addressed it on October 10, by pushing versions 0.0.41. The Hacker News notes the flaw has also been remediated in pyzmq, a Python library that provides access to the ZeroMQ messaging library.

Together with the patch, Meta released a security advisory in which it told the community it had fixed a remote code execution risk associated with using pickle as a serialization format for socket communication. The solution was to switch to the JSON format.

LLaMA, or Large Language Model Meta AI is a series of large language models developed by social media giant, Meta. These models are designed for natural language processing (NLP) tasks, such as text generation, summarization, translation, and more.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Read more
Hacking warning on a computer screen.
Open source machine learning systems are highly vulnerable to security threats
An image of Meta's Llama 3
Chinese researchers repurpose Meta's Llama model for military intelligence applications
Zuckerberg Meta AI
Meta wants to work with the US government to deploy its Llama AI technology across multiple agencies
A person holding a virtual cloud in the palm of their hand.
Amazon EC2 instances could be under fire from whoAMI technique giving hackers code execution access
Cyber-security
Top file-sharing tools are being hit by security attacks once again
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
AMD VM security tools can be bypassed, letting hackers infilitrate your devices, experts warn
Latest in Security
US President Donald Trump speaks to the press as he signs an executive order to create a US sovereign wealth fund, in the Oval Office of the White House on February 3, 2025, in Washington, DC.
US set to pause cyber-offensive operations against Russia - but CISA says it won't stop
Web DDoS attacks see major surge as AI allows more powerful attacks
Polish space agency says it was hit by a cyberattack
A pair of hands using a keyboard
Microsoft SharePoint hijacked to spread Havoc malware
Microsoft
Microsoft names cybercriminals who created explicit deepfakes
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
More reports claim 2024 was the worst year for ransomware attacks yet
Latest in News
Apple iPad A16
Apple's new entry-level iPad ups the performance for the same price, but doesn't support Apple Intelligence
iPad Air M3
Apple updates iPad Air with powerful M3 chip and pairs it with Pro-level Magic Keyboard
Samsung Galaxy Z Flip 6 in blue
The Samsung Galaxy Z Flip 7 might improve on its predecessor in one crucial way
Nvidia RTX 5070 Founders Edition GPU shown against a green and black backdrop
Nvidia RTX 5070 early pricing hints at plenty of GPUs at the MSRP – but I’ll believe it when I see it
US President Donald Trump speaks to the press as he signs an executive order to create a US sovereign wealth fund, in the Oval Office of the White House on February 3, 2025, in Washington, DC.
US set to pause cyber-offensive operations against Russia - but CISA says it won't stop
Guitar Hero Mobile
Activision shares first look at Guitar Hero Mobile and, yeah, it looks like AI slop
More about security
A pair of hands using a keyboard

Microsoft SharePoint hijacked to spread Havoc malware
US President Donald Trump speaks to the press as he signs an executive order to create a US sovereign wealth fund, in the Oval Office of the White House on February 3, 2025, in Washington, DC.

US set to pause cyber-offensive operations against Russia - but CISA says it won't stop
Abstract image of cyber security in action.

TikTok’s American ownership rule ignores bigger IoT threat
See more latest