
CVE-2024-58339: CWE-770 Allocation of Resources Without Limits or Throttling in run-llama llama_index

Severity: High
Published: Mon Jan 12 2026 (01/12/2026, 23:04:25 UTC)
Source: CVE Database V5
Vendor/Project: run-llama
Product: llama_index

Description

LlamaIndex (run-llama/llama_index) versions up to and including 0.12.2 contain an uncontrolled resource consumption vulnerability in the VannaPack VannaQueryEngine implementation. The custom_query() logic generates SQL statements from a user-supplied prompt and executes them via vn.run_sql() without enforcing query execution limits. In downstream deployments where untrusted users can supply prompts, an attacker can trigger expensive or unbounded SQL operations that exhaust CPU or memory resources, resulting in a denial-of-service condition. The vulnerable execution path occurs in llama_index/packs/vanna/base.py within custom_query().

AI-Powered Analysis

Last updated: 01/12/2026, 23:38:20 UTC

Technical Analysis

CVE-2024-58339 is a resource exhaustion vulnerability classified under CWE-770, found in the run-llama project's llama_index library, specifically in versions up to 0.12.2. The vulnerability exists in the VannaPack VannaQueryEngine's custom_query() method, located in llama_index/packs/vanna/base.py. This method dynamically generates SQL queries based on user-supplied prompts and executes them via vn.run_sql() without imposing any limits or throttling on query complexity or execution time. Because the SQL statements are constructed from untrusted input without safeguards, an attacker can submit prompts that translate into highly expensive or unbounded SQL operations. Such operations can consume excessive CPU cycles and memory, leading to denial-of-service conditions that degrade or halt service availability. The vulnerability is remotely exploitable without authentication or user interaction, increasing its risk profile. The CVSS 4.0 vector (AV:N/AC:L/AT:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N) indicates network attack vector, low complexity, no privileges or user interaction required, no confidentiality or integrity impact, but high availability impact. No patches or exploit code are currently publicly available, but the risk remains significant for deployments exposing llama_index to untrusted users. The root cause is the lack of resource consumption controls in the SQL execution path, which should be addressed by introducing query execution limits, input sanitization, and access restrictions.

Potential Impact

For European organizations, the primary impact of CVE-2024-58339 is the risk of denial-of-service attacks that can disrupt critical AI-driven services relying on llama_index. Organizations using this library in customer-facing applications or internal tools that accept user prompts could face service outages, degraded performance, and potential operational downtime. This can affect sectors such as finance, healthcare, research, and public services where AI query engines are increasingly integrated. The absence of confidentiality or integrity impact means data breaches are unlikely, but availability loss can still cause significant business disruption and reputational damage. Additionally, remediation efforts and incident response could incur operational costs. The threat is particularly relevant for organizations deploying AI tooling in multi-tenant or cloud environments where untrusted users have input capabilities. Given the high CVSS score and ease of exploitation, the vulnerability represents a critical operational risk if left unmitigated.

Mitigation Recommendations

To mitigate CVE-2024-58339, organizations should implement the following specific measures:

1) Apply strict input validation and sanitization on user-supplied prompts to prevent generation of excessively complex or unbounded SQL queries.
2) Introduce query execution limits such as maximum execution time, memory usage caps, and result size restrictions within the VannaQueryEngine or the underlying SQL execution environment.
3) Restrict access to the llama_index service to trusted users only, employing authentication and authorization controls to prevent untrusted or anonymous access.
4) Monitor resource usage metrics closely to detect abnormal CPU or memory consumption patterns indicative of exploitation attempts.
5) If possible, isolate the SQL execution environment in sandboxed containers or virtual machines to limit the blast radius of any resource exhaustion.
6) Stay updated with run-llama project releases and apply patches promptly once available.
7) Conduct regular security reviews and penetration testing focusing on injection and resource exhaustion vectors in AI query components.

These targeted actions go beyond generic advice by focusing on controlling resource consumption and access in the specific vulnerable component.
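The following is an added example, not code from llama_index or Vanna, showing how measures 1) and 2) can be enforced around the point where prompt-generated SQL reaches the database: a single read-only statement allow-list, a database-side row cap, and a wall-clock budget that aborts a runaway statement. It uses SQLite as a stand-in for the real backend, and the function and parameter names (run_sql_guarded, max_rows, max_seconds) are this example's own.

```python
import sqlite3
import time


class QueryBudgetExceeded(Exception):
    """Raised when a generated query runs past its wall-clock budget."""


def is_read_only_single_statement(sql: str) -> bool:
    """Allow exactly one SELECT/WITH statement; reject stacked or mutating SQL."""
    body = sql.strip().rstrip(";").strip()
    if not body or ";" in body:
        return False
    return body.lower().split(None, 1)[0] in ("select", "with")


def cap_rows(sql: str, max_rows: int) -> str:
    """Let the database bound the result set instead of fetching everything."""
    return f"SELECT * FROM ({sql.strip().rstrip(';')}) AS guarded LIMIT {int(max_rows)}"


def run_sql_guarded(conn: sqlite3.Connection, sql: str,
                    max_rows: int = 100, max_seconds: float = 2.0) -> list:
    """Execute prompt-generated SQL under a row cap and a time budget.

    Stands in for the unguarded vn.run_sql() call named in the advisory;
    the guard parameters (max_rows, max_seconds) are this example's own.
    """
    if not is_read_only_single_statement(sql):
        raise ValueError("only a single read-only SELECT statement is allowed")
    deadline = time.monotonic() + max_seconds
    # SQLite invokes the progress handler every 1000 VM ops; a truthy return
    # aborts the running statement with OperationalError("interrupted").
    conn.set_progress_handler(lambda: time.monotonic() > deadline, 1000)
    try:
        return conn.execute(cap_rows(sql, max_rows)).fetchall()
    except sqlite3.OperationalError as exc:
        if "interrupted" in str(exc):
            raise QueryBudgetExceeded(f"query exceeded {max_seconds}s budget") from exc
        raise
    finally:
        conn.set_progress_handler(None, 1000)


def demo_connection() -> sqlite3.Connection:
    """Constructed sample database: a single table with 1000 rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE t (n INTEGER)")
    conn.executemany("INSERT INTO t VALUES (?)", ((i,) for i in range(1000)))
    return conn
```

With a real backend the same controls map onto the engine's statement timeout and row-limit settings rather than a progress handler, while the allow-list check stays in the application.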


Technical Details

Data Version
5.2
Assigner Short Name
VulnCheck
Date Reserved
2026-01-09T20:28:41.285Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 69658281da2266e838450d1c

Added to database: 1/12/2026, 11:23:45 PM

Last enriched: 1/12/2026, 11:38:20 PM

Last updated: 1/13/2026, 1:34:34 AM
