Paul Gerste
Paul Gerste (@pspaul95, @pspaul@infosec.exchange, @pspaul95.bsky.social) is a vulnerability researcher at Sonar. He has a proven talent for finding security issues, demonstrated by his two successful Pwn2Own participations and discoveries in popular applications like Proton Mail, Visual Studio Code, and Grafana. When Paul is not at work, he enjoys playing CTFs with team FluxFingers and organizing Hack.lu CTF.
Session
AI and LLMs are everywhere, but how are they actually implemented? In this session, we will take a detailed look at Ollama, a popular tool to run LLMs locally. In the context of Pwn2Own, we will learn about Ollama's architecture and the GGUF file format for storing large language models. We will then explore a few memory corruption bugs in the handling of these files and dive deep into the exploitation of one of them. The presentation ends with a live exploit demo, notes on disclosure, and lessons learned.