CVE-2024-39720

Nov. 1, 2024, 4:35 p.m.

8.2
High

Description

An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF file containing just 4 bytes starting with the GGUF custom magic header. By leveraging a custom Modelfile that includes a FROM statement pointing to the attacker-controlled blob file, the attacker can crash the application through the CreateModel route, leading to a segmentation fault (signal SIGSEGV: segmentation violation).

Product(s) Impacted

Product Versions
Ollama
  • before 0.1.46

Weaknesses

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References

https://github.com/ollama/ollama/compare/v0.1.45...v0.1.46#diff-782c2737eecfa83b7cb46a77c8bdaf40023e7067baccd4f806ac5517b4563131L417
https://oligo.security/blog/more-models-more-probllms

Tags

cve@mitre.org
CWE-125
2024-10-31
CVE-2024-39720

CVSS Score

8.2 / 10

CVSS Data

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: LOW
  • Integrity Impact: NONE
  • Availability Impact: HIGH
    • View Vector String

    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Date

  • Published: Oct. 31, 2024, 8:15 p.m.
  • Last Modified: Nov. 1, 2024, 4:35 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.