{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12704", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-12-17T10:58:19.646Z", "datePublished": "2025-03-20T10:09:06.689Z", "dateUpdated": "2025-03-20T18:58:07.026Z"}, "containers": {"cna": {"title": "Denial of Service (DoS) in run-llama/llama_index", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2025-03-20T10:09:06.689Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely."}], "affected": [{"vendor": "run-llama", "product": "run-llama/llama_index", "versions": [{"version": "unspecified", "lessThan": "0.12.6", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a"}, {"url": "https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-755 Improper Handling of Exceptional Conditions", "cweId": "CWE-755"}]}], "source": {"advisory": "a0b638fd-21c6-4ba7-b381-6ab98472a02a", "discovery": "EXTERNAL"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-20T17:54:16.910026Z", "id": "CVE-2024-12704", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-20T18:58:07.026Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-12704", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-20T17:54:16.910026Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-20T17:54:18.353Z"}}], "cna": {"title": "Denial of Service (DoS) in run-llama/llama_index", "source": {"advisory": "a0b638fd-21c6-4ba7-b381-6ab98472a02a", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "run-llama", "product": "run-llama/llama_index", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "0.12.6", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a"}, {"url": "https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-755", "description": "CWE-755 Improper Handling of Exceptional Conditions"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2025-03-20T10:09:06.689Z"}}}, "cveMetadata": {"cveId": "CVE-2024-12704", "state": "PUBLISHED", "dateUpdated": "2025-03-20T18:58:07.026Z", "dateReserved": "2024-12-17T10:58:19.646Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2025-03-20T10:09:06.689Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely."}], "id": "CVE-2024-12704", "lastModified": "2025-03-20T10:15:29.383", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@huntr.dev", "type": "Secondary"}]}, "published": "2025-03-20T10:15:29.383", "references": [{"source": "security@huntr.dev", "url": "https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05"}, {"source": "security@huntr.dev", "url": "https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}], "source": "security@huntr.dev", "type": "Primary"}]}

{"bugzilla": {"description": "llama-index: Denial of Service (DoS) in run-llama/llama_index", "id": "2353770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2353770"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-755", "details": ["A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely.", "A flaw was found in the run-llama/llama_index. This vulnerability allows for a denial of service (DoS) attack via improper exception handling in the stream_complete method, which leads to an infinite loop in get_response_gen when the execution thread terminates abnormally."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-12704", "package_state": [{"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Affected", "package_name": "openshift-lightspeed-tech-preview/lightspeed-service-api-rhel9", "product_name": "OpenShift Lightspeed"}], "public_date": "2025-03-20T10:09:06Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-12704\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-12704\nhttps://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05\nhttps://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a"], "statement": "This vulnerability marked as high severity rather than moderate due to its potential to cause a complete Denial of Service (DoS) in affected applications. This flaw can be triggered trivially by supplying an invalid input type.\nSince there is no exception handling when the prediction thread terminates prematurely, the get_response_gen function enters an infinite loop, consuming CPU resources indefinitely. This not only disrupts service availability but can also impact multi-threaded environments where stalled threads accumulate, degrading overall system performance.", "threat_severity": "Important"}