CVE-2026-10298
Description
A null pointer dereference vulnerability in ggml-org whisper.cpp allows local attackers to cause a denial of service by loading a crafted model file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A null pointer dereference vulnerability in ggml-org whisper.cpp allows local attackers to cause a denial of service by loading a crafted model file.
Vulnerability
A security flaw exists in ggml-org whisper.cpp up to version 1.8.2, specifically within the whisper_model_load function in ggml/src/ggml.c. The vulnerability is triggered by a crafted whisper model file with specific parameters (e.g., n_audio_state = 0 and n_audio_layer > 0), leading to a null pointer dereference or an assertion failure [2]. Local attack is a requirement for exploitation [2].
Exploitation
An attacker must have local access to the target system. The attacker needs to create a malicious whisper model file with specific invalid hyperparameters, such as n_audio_state = 0 and n_audio_layer > 0. This crafted file can then be loaded by the whisper.cpp application, for example, using the command whisper-cli -m poc.bin -f /dev/null [2].
Impact
Successful exploitation of this vulnerability results in a denial of service. The process will either abort due to an assertion failure (GGML_ASSERT) in ggml/src/ggml.c or due to undefined behavior from a null pointer dereference during memory copy operations in src/whisper.cpp. This crash occurs even in release builds [2].
Mitigation
As of the publication of this vulnerability, the ggml-org project has been informed but has not yet released a fix or responded to the issue report [2]. The available references do not specify a fixed version or a workaround. The project's GitHub repository indicates stable version v1.8.6, but it is unclear if this version addresses the vulnerability [1].
AI Insight generated on Jun 2, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=1.8.2
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"A null pointer dereference occurs in the whisper_model_load function due to improper handling of model loading."
Attack vector
An attacker must have local access to the affected system. The vulnerability is triggered when the `whisper_model_load` function in `ggml/src/ggml.c` is called with a manipulated input that leads to a null pointer dereference. This can result in a denial-of-service condition. [ref_id=1]
Affected code
The vulnerability resides within the `whisper_model_load` function, located in the file `ggml/src/ggml.c`.
What the fix does
The advisory does not specify a patch or a fix. The project was informed of the problem early through an issue report but has not responded yet. Therefore, no remediation guidance is available at this time.
Preconditions
- inputLocal access to the system running the vulnerable software.
Generated on Jun 1, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5News mentions
0No linked articles in our index yet.