PT-2024-4657 · Ollama · Ollama

Author: Akos Jakab (+1)
Published: 2024-05-05 · Updated: 2026-03-03
CVE-2024-37032
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerable software and affected versions: Ollama versions prior to 0.1.34

Description: Ollama performs insufficient input validation when resolving a model's path, resulting in a path traversal. This lets an attacker overwrite arbitrary files on the server, which can be escalated to remote code execution (RCE). The reported exploitation overwrote /etc/ld.so.preload to load a malicious shared library, turning the arbitrary file write into RCE. Over 1,000 exposed instances were found. The root cause is that Ollama does not check the format of the digest (a SHA256 value of exactly 64 hexadecimal digits) when building the model path: digests with fewer or more than 64 digits, or beginning with a ../ substring, are accepted.

Recommendations: Update Ollama versions prior to 0.1.34 to version 0.1.34 or later.
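As an added example, written in Go (Ollama's implementation language) and not Ollama's own code or the project's fix, this is the digest check the description says was missing: a blob-path resolver that accepts only a well-formed sha256 digest and, as a second layer, confirms the resolved file still lies under the model directory. The `sha256-<hex>` on-disk layout and lowercase-only hex are assumptions of this example.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// The only digest shape the model store should accept: the literal "sha256:"
// prefix followed by exactly 64 lowercase hex digits (lowercase-only is an
// assumption of this example; the advisory only says 64 hexadecimal digits).
var digestRe = regexp.MustCompile(`^sha256:[0-9a-f]{64}$`)

var (
	ErrBadDigest   = errors.New("invalid digest format")
	ErrEscapesRoot = errors.New("blob path escapes model directory")
)

// blobPath maps a digest to the file that would hold the blob under blobsDir.
// Layer 1: reject anything that is not a well-formed sha256 digest, so a value
// with the wrong number of digits or a "../" prefix never reaches the
// filesystem. Layer 2 (defence in depth): confirm the resolved path is still
// inside blobsDir even if the format check were ever loosened.
func blobPath(blobsDir, digest string) (string, error) {
	if !digestRe.MatchString(digest) {
		return "", ErrBadDigest
	}
	root, err := filepath.Abs(blobsDir)
	if err != nil {
		return "", err
	}
	// Hypothetical on-disk layout: "<blobsDir>/sha256-<hex>".
	p := filepath.Join(root, strings.Replace(digest, ":", "-", 1))
	rel, err := filepath.Rel(root, p)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrEscapesRoot
	}
	return p, nil
}

func main() {
	// Constructed inputs: one valid digest, one too short, one carrying a "../" prefix.
	valid := "sha256:" + strings.Repeat("a", 64)
	for _, d := range []string{valid, "sha256:" + strings.Repeat("a", 63), "sha256:../../../tmp/x"} {
		p, err := blobPath("models/blobs", d)
		fmt.Printf("%q -> path=%q err=%v\n", d, p, err)
	}
}
```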

Tags: Exploit · Fix · RCE · Path traversal

Weakness Enumeration: Relative Path Traversal

Related Identifiers

BDU:2024-05165
CVE-2024-37032
GHSA-8HQG-WHRW-PV92
GO-2024-2901
OPENSUSE-SU-2024:14599-1

Affected Products

Ollama