CVE-2025-0312

7.5 HIGH

📋 TL;DR

A null pointer dereference vulnerability in Ollama versions up to 0.3.14 allows attackers to upload specially crafted GGUF model files that crash the server, causing denial of service. This affects all Ollama servers running vulnerable versions that accept model uploads from untrusted sources.

💻 Affected Systems

Products:
  • ollama/ollama
Versions: <=0.3.14
Operating Systems: All platforms running Ollama
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerable when Ollama server accepts model uploads. Default installations with model serving enabled are affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Sustained DoS attacks could render Ollama services completely unavailable, disrupting AI/ML workflows and dependent applications.

🟠 Likely Case: Intermittent service crashes requiring manual restart of Ollama processes, causing temporary service disruption.

🟢 If Mitigated: Minimal impact with proper network segmentation and trusted source controls for model uploads.

🌐 Internet-Facing: HIGH - Remote network exploitation allows attackers to crash servers without authentication.
🏢 Internal Only: MEDIUM - Internal attackers or compromised systems could still exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires creating a malicious GGUF model file with specific null pointer triggers. No authentication needed for model upload endpoints.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: >0.3.14

Vendor Advisory: https://huntr.com/bounties/522c87b6-a7ac-41b2-84f3-62fd58921f21

Restart Required: No

Instructions:

1. Update Ollama to version >0.3.14 using your package manager or download from official sources.
2. Verify the update completed successfully.
3. No service restart required, as updates typically apply immediately.

🔧 Temporary Workarounds

Restrict model upload sources (all platforms)
  Only allow model uploads from trusted, verified sources and implement upload validation

Network segmentation (all platforms)
  Place Ollama servers behind firewalls with restricted access to model upload endpoints

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can upload models to Ollama servers
  • Deploy monitoring and alerting for repeated server crashes or abnormal model upload patterns

🔍 How to Verify

Check if Vulnerable:

Check the Ollama version with 'ollama --version', or inspect the installed package version

Check Version:

ollama --version

Verify Fix Applied:

Confirm the version is >0.3.14, then test model upload functionality with known-safe models
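The version check above, scripted as an added example (this is not part of the advisory or of Ollama's own tooling). It assumes that 'ollama --version' prints a line containing a dotted version string such as "ollama version is 0.3.14"; the exact wording of that line is an assumption, and the script only relies on extracting the first x.y.z number from it. Versions are compared with sort -V so that 0.3.9 correctly sorts below the 0.3.14 ceiling stated in this advisory instead of comparing lexically.

```shell
#!/bin/sh
# Added example, not from the advisory: decide whether an installed Ollama
# version is at or below the affected ceiling (0.3.14) named in the advisory.
# Assumption: `ollama --version` prints a line containing a dotted version,
# e.g. "ollama version is 0.3.14".

AFFECTED_MAX="0.3.14"

# extract_version: pull the first x.y.z version number out of a version line.
extract_version() {
    printf '%s\n' "$1" | grep -o '[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*' | head -n 1
}

# is_vulnerable: succeed (exit 0) if VERSION <= AFFECTED_MAX, fail (1) otherwise,
# exit 2 when no version could be parsed. sort -V gives numeric ordering per
# component, so 0.3.9 < 0.3.14 and 0.4.0 > 0.3.14.
is_vulnerable() {
    v="$1"
    [ -n "$v" ] || return 2
    highest=$(printf '%s\n%s\n' "$v" "$AFFECTED_MAX" | sort -V | tail -n 1)
    # If the ceiling sorts last (or is equal), the installed version is <= ceiling.
    [ "$highest" = "$AFFECTED_MAX" ]
}

# check_ollama: run the real binary and report. Exit 0 = vulnerable, 1 = fixed,
# 2 = ollama not found or version unparseable.
check_ollama() {
    line=$(ollama --version 2>/dev/null) || { echo "ollama not found on PATH"; return 2; }
    v=$(extract_version "$line")
    if [ -z "$v" ]; then
        echo "could not parse a version from: $line"; return 2
    fi
    if is_vulnerable "$v"; then
        echo "VULNERABLE: ollama $v is <= $AFFECTED_MAX (CVE-2025-0312)"; return 0
    else
        echo "OK: ollama $v is > $AFFECTED_MAX"; return 1
    fi
}

# Usage: sh check_ollama.sh run
case "${1:-}" in
    run) check_ollama ;;
esac
```

Run it with the argument `run` on each host that serves models; a zero exit status means the host still needs the update. The functions are kept separate from the invocation so the comparison logic can be sourced into fleet inventory scripts that already know the installed version.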

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault errors in Ollama logs
  • Unexpected process termination
  • Failed model creation attempts with malformed files

Network Indicators:

  • Multiple rapid model upload attempts from single source
  • Unusual GGUF file upload patterns

SIEM Query:

source="ollama.log" AND ("segmentation fault" OR "null pointer" OR "panic")
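The same log indicators applied from the shell, as an added example that is not part of the advisory and does not depend on any SIEM. The log lines embedded in the script are constructed for illustration and are not real Ollama output. The pattern is widened beyond the advisory's three terms with "nil pointer" and "SIGSEGV", because the Go runtime (which Ollama's server is written in) reports a null dereference as "invalid memory address or nil pointer dereference" followed by a "[signal SIGSEGV: segmentation violation ...]" line, which the literal phrase "segmentation fault" would miss.

```shell
#!/bin/sh
# Added example, not from the advisory: match the advisory's crash indicators
# against Ollama log text. SAMPLE_LOG is constructed for illustration only.

SAMPLE_LOG='time=2025-01-10T12:00:01 level=INFO msg="model create requested" model=test
time=2025-01-10T12:00:02 level=ERROR msg="failed to parse GGUF: unexpected tensor count"
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x4a1b2c]
time=2025-01-10T12:00:05 level=INFO msg="server restarted"'

# Advisory indicators plus the Go runtime's own wording for a nil dereference.
INDICATOR_RE='segmentation fault|null pointer|nil pointer|panic|SIGSEGV'

# match_indicators: print only the stdin lines matching a crash indicator.
match_indicators() {
    grep -iE "$INDICATOR_RE"
}

# count_hits: number of matching lines on stdin (prints 0 when none).
count_hits() {
    match_indicators | wc -l | tr -d ' '
}

# verdict: ALERT when hits reach the threshold ($1, default 1), else OK.
verdict() {
    threshold="${1:-1}"
    hits=$(count_hits)
    if [ "$hits" -ge "$threshold" ]; then
        echo "ALERT: $hits crash indicator line(s)"
    else
        echo "OK: $hits crash indicator line(s)"
    fi
}

# Usage against a live host:  journalctl -u ollama --since -1h | verdict 1
# Stand-alone run over the constructed sample:
printf '%s\n' "$SAMPLE_LOG" | match_indicators
printf '%s\n' "$SAMPLE_LOG" | verdict 1
```

Pipe the real log source (journald, a container's stdout, or the file your deployment writes) into verdict from a cron job or a health-check hook; a crash of the serving process is the only symptom this vulnerability produces, so repeated ALERTs paired with a supervisor restart loop are the signal worth paging on.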
