CVE-2025-0315 – A memory exhaustion vulnerability in Ollama all... (How to Fix)

Q: What is the severity of CVE-2025-0315?

CVE-2025-0315 has a CVSS score of 7.5 (HIGH). A memory exhaustion vulnerability in Ollama allows attackers to upload specially crafted GGUF model files that cause unlimited memory allocation, leading to Denial of Service. This affects all Ollama servers running vulnerable versions, potentially disrupting AI model serving capabilities.

📋 TL;DR

A memory exhaustion vulnerability in Ollama allows attackers to upload specially crafted GGUF model files that cause unlimited memory allocation, leading to Denial of Service. This affects all Ollama servers running vulnerable versions, potentially disrupting AI model serving capabilities.

💻 Affected Systems

Products:

ollama/ollama

Versions: <= 0.3.14

Operating Systems: All supported platforms

Default Config Vulnerable: ⚠️ Yes

Notes: All deployments using vulnerable Ollama versions are affected regardless of configuration.

📦 What is this software?

Ollama by Ollama

View all CVEs affecting Ollama →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete server crash and service unavailability due to memory exhaustion, requiring manual intervention to restart services and clear memory.

🟠

Likely Case

Temporary service degradation or crashes affecting model inference capabilities until memory is freed or service restarted.

🟢

If Mitigated

Limited impact with proper monitoring and resource limits in place, potentially causing only temporary performance issues.

🌐 Internet-Facing: HIGH - Internet-facing Ollama servers are directly exposed to exploitation attempts from any remote attacker.

🏢 Internal Only: MEDIUM - Internal servers are still vulnerable to authenticated users or compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires ability to upload custom GGUF model files to the Ollama server, which typically requires some level of access or API usage.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: > 0.3.14

Vendor Advisory: https://huntr.com/bounties/da414d29-b55a-496f-b135-17e0fcec67bc

Restart Required: No

Instructions:

1. Update Ollama to version 0.3.15 or later. 2. Use package manager: 'ollama upgrade' or download latest release from official repository. 3. Verify update with 'ollama --version'.

🔧 Temporary Workarounds

Restrict model uploads

all

Limit who can upload custom GGUF model files to the Ollama server

Implement memory limits

all

Use container or system-level memory limits to prevent complete exhaustion

docker run --memory=4g ollama/ollama
systemd: MemoryLimit=4G in service file

🧯 If You Can't Patch

Implement strict access controls to prevent unauthorized users from uploading model files
Deploy monitoring for abnormal memory usage patterns and implement automated alerts

🔍 How to Verify

Check if Vulnerable:

Check Ollama version with 'ollama --version' and verify if <= 0.3.14

Check Version:

ollama --version

Verify Fix Applied:

Confirm version > 0.3.14 with 'ollama --version' and test model upload functionality

📡 Detection & Monitoring

Log Indicators:

Abnormal memory allocation patterns
Multiple large model upload attempts
Server crash logs with out-of-memory errors

Network Indicators:

Unusual volume of model upload requests
Large file transfers to Ollama API endpoints

SIEM Query:

source="ollama.log" AND ("out of memory" OR "memory allocation" OR "model upload")

📊 Metadata

CVE ID: CVE-2025-0315

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-770

EPSS Score: 0.25% exploit probability (48.2th percentile)

Published: March 20, 2025

Last Updated: April 2, 2025

🔗 References

https://huntr.com/bounties/da414d29-b55a-496f-b135-17e0fcec67bc Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-0315, you might also want to check these: