CVE-2024-12886
📋 TL;DR
This vulnerability allows an attacker to crash the Ollama server by answering its outbound HTTP requests with a gzip-bomb response, causing excessive memory consumption and denial of service. It affects Ollama server version 0.3.14 when it makes HTTP requests to external API servers. The root cause is that the server decompresses HTTP response bodies without enforcing a size limit on the inflated data.
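As an added illustration, not code from Ollama or from this advisory, the following Go snippet shows the pattern behind the bug beside its fix: reading a gzip response body with no cap on the inflated size, versus a reader that caps the decompressed stream. The "bomb" is constructed inline from zero bytes, and all function names are my own.

```go
package main

import (
	"bytes"
	"compress/gzip"
	"fmt"
	"io"
)

// makeGzipBody is a constructed stand-in for a malicious response body: n zero
// bytes gzip-compressed, so a few KiB on the wire inflate to n bytes in memory.
func makeGzipBody(n int) []byte {
	var buf bytes.Buffer
	zw := gzip.NewWriter(&buf)
	zw.Write(bytes.Repeat([]byte{0}, n)) // writes to bytes.Buffer never fail
	zw.Close()
	return buf.Bytes()
}

// readGzipUnbounded is the vulnerable pattern: io.ReadAll on the decompressing
// reader allocates however much the remote server chose to send.
func readGzipUnbounded(body io.Reader) ([]byte, error) {
	zr, err := gzip.NewReader(body)
	if err != nil {
		return nil, err
	}
	return io.ReadAll(zr)
}

// readGzipBounded caps the decompressed stream; Content-Length only bounds the
// compressed wire bytes. It reads one byte past the cap to detect overflow.
func readGzipBounded(body io.Reader, maxBytes int64) ([]byte, error) {
	zr, err := gzip.NewReader(body)
	if err != nil {
		return nil, err
	}
	data, err := io.ReadAll(io.LimitReader(zr, maxBytes+1))
	if err == nil && int64(len(data)) > maxBytes {
		return nil, fmt.Errorf("decompressed body exceeds %d bytes", maxBytes)
	}
	return data, err
}

func main() {
	wire := makeGzipBody(8 << 20) // 8 MiB decompressed, a few KiB on the wire
	_, err := readGzipBounded(bytes.NewReader(wire), 1<<20)
	fmt.Printf("wire=%d bytes, bounded read: %v\n", len(wire), err)
}
```

When net/http added the Accept-Encoding header itself, its Transport already gunzips resp.Body transparently (resp.Uncompressed is true), so the LimitReader then wraps resp.Body directly instead of a gzip.Reader.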
💻 Affected Systems
- ollama
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete server crash and denial of service, potentially disrupting all AI model serving capabilities and requiring manual restart.
Likely Case
Server crashes when processing malicious responses from compromised or malicious API servers, causing temporary service disruption.
If Mitigated
With proper network segmentation and API server whitelisting, impact is limited to specific API endpoints only.
🎯 Exploit Status
Requires control over an API server that the Ollama server trusts and contacts. The vulnerability is triggered by returning a malicious gzip-compressed response.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 0.3.15 or later
Vendor Advisory: https://github.com/ollama/ollama/security/advisories
Restart Required: Yes
Instructions:
1. Stop the Ollama service.
2. Update Ollama to version 0.3.15 or later using your package manager or download from official sources.
3. Restart the Ollama service.
🔧 Temporary Workarounds
Network segmentation and API whitelisting
Platform: all
Restrict the Ollama server's outbound HTTP connections to trusted API servers only using firewall rules.
Memory limit enforcement
Platform: linux
Configure system memory limits for the Ollama process to prevent complete system exhaustion.
ulimit -v [memory_limit_in_kb]
🧯 If You Can't Patch
- Implement strict network controls to only allow Ollama to communicate with trusted API servers
- Monitor Ollama process memory usage and implement automatic restart policies for high memory consumption
🔍 How to Verify
Check if Vulnerable:
Check Ollama version: ollama --version. If it shows 0.3.14, the system is vulnerable.
Check Version:
ollama --version
Verify Fix Applied:
After updating, verify version is 0.3.15 or later: ollama --version
📡 Detection & Monitoring
Log Indicators:
- Ollama server crash logs
- Out of memory errors in system logs
- Sudden service termination
Network Indicators:
- Large HTTP responses from API servers to Ollama
- Unusual gzip-compressed traffic patterns
SIEM Query:
process.name:"ollama" AND (event.action:"crash" OR (log.level:"error" AND message:"out of memory"))