PT-2025-12310 · Ollama · Ollama

Published: 2025-03-20 · Updated: 2025-03-20 · CVE-2025-0313

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

ollama/ollama versions prior to 0.3.14

Description

The issue is caused by improper validation of array index bounds in the GGUF model handling code. It can be exploited remotely over the network: a malicious user can create a GGUF model that causes a denial of service (DoS).

Recommendations

For versions prior to 0.3.14, update to version 0.3.14 or later to resolve the issue. As a temporary workaround, consider restricting access to the GGUF model handling code to minimize the risk of exploitation.

Exploit

Fix

DoS

Improper Validation of Array Index

Weakness Enumeration

Related Identifiers

CVE-2025-0313

Affected Products

Ollama