CVE-2025-14569
Use-After-Free in ggml-org whisper.cpp read_audio_data Function
Publication date: 2025-12-12
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ggml-org | whisper.cpp | 1.8.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by running the vulnerable whisper-cli tool with AddressSanitizer enabled to catch invalid free operations. Specifically, compiling the software with the '-fsanitize=address' flag on Linux x86_64 systems and then running whisper-cli with a test model and audio file can reproduce the crash caused by the use-after-free. The repro script available in the public exploit repository can be used to verify the issue. There are no network detection commands since the attack requires local access and is triggered by local execution. [3, 4, 1]
Can you explain this vulnerability to me?
This vulnerability exists in the ggml-org whisper.cpp project up to version 1.8.2, specifically in the function read_audio_data within the file /whisper.cpp/examples/common-whisper.cpp. It is a use-after-free vulnerability, meaning that the program attempts to use memory after it has been freed, which can lead to undefined behavior or exploitation. The attack requires local access to the system. The vulnerability has a public exploit available, and the project has not yet responded to the issue report.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized manipulation of the program's behavior due to use-after-free, potentially allowing an attacker with local access to cause crashes, execute arbitrary code, or escalate privileges. This can compromise the confidentiality, integrity, and availability of the affected system or data.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the use of the affected versions of whisper.cpp (up to 1.8.2) and replacing the software with an alternative product, as no patches or fixes have been provided by the developers. Since the vulnerability requires local access and exploitation is straightforward, restricting local access to trusted users and environments can reduce risk. Monitoring for updates or patches from the project is also recommended. [2]