CVE-2024-12704 identifies a Denial of Service vulnerability in the LangChainLLM class within the run-llama/llama_index repository, specifically version v0.12.5. The vulnerability arises in the stream_complete method, which executes the language model (llm) in a separate thread and retrieves its output through the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict method is executed—commonly triggered by providing input of an incorrect type—the get_response_gen function enters an infinite loop due to the absence of exception handling for this scenario. This infinite loop causes the process to consume CPU resources indefinitely, effectively resulting in a Denial of Service condition. The vulnerability is classified under CWE-835 (Loop with Unreachable Exit Condition) and has a CVSS v3.0 score of 7.5, indicating high severity. The attack vector is network-based with no required privileges or user interaction, making exploitation feasible remotely. No patches or fixes have been published yet, and no active exploits have been reported. The affected software is used in AI and natural language processing applications, where run-llama/llama_index serves as a framework for interfacing with language models. The lack of robust input validation and error handling in the threading logic is the root cause of this vulnerability.

For European organizations, this vulnerability poses a significant risk of service disruption in AI-driven applications that utilize the run-llama/llama_index framework. A successful exploit can cause indefinite resource consumption leading to Denial of Service, impacting availability of critical AI services such as chatbots, automated customer support, or data processing pipelines. This can degrade user experience, interrupt business operations, and potentially cause cascading failures if dependent systems rely on these AI components. Given the increasing adoption of AI technologies across sectors like finance, healthcare, and manufacturing in Europe, the impact could be widespread. Additionally, organizations with compliance requirements around service availability and operational resilience (e.g., under GDPR or NIS Directive) may face regulatory scrutiny if disruptions occur. While confidentiality and integrity are not directly affected, the availability impact alone is substantial, especially for real-time or high-availability AI services.

To mitigate this vulnerability, organizations should implement strict input validation to ensure only correctly typed inputs are passed to the LangChainLLM class, preventing thread failures triggered by malformed inputs. Developers should enhance the run-llama/llama_index codebase by adding robust exception handling around the thread execution and the get_response_gen method to detect and gracefully handle abnormal thread termination, thereby avoiding infinite loops. Monitoring and alerting on abnormal CPU or thread usage in systems running this software can provide early detection of exploitation attempts. Until an official patch is released, consider isolating the affected components within containerized or sandboxed environments to limit resource impact. Additionally, applying runtime protections such as watchdog timers or process supervisors can help terminate hung processes automatically. Engage with the vendor or open-source maintainers to track patch availability and apply updates promptly once released. Finally, conduct security testing and fuzzing on inputs to identify and remediate similar issues proactively.