Threat Intelligence / CVE / CVE-2024-37032
CVE-2024-37032
Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring.
CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weaknesses (CWE)
CWE-22
Threats tracking this CVE
- LLMJacking: 175,000 Exposed Ollama AI Servers Targeted for Abuse — HIGH
- 175,000 Exposed Ollama Hosts Enabling LLM Abuse — MEDIUM
References
- https://github.com/ollama/ollama/blob/adeb40eaf29039b8964425f69a9315f9f1694ba8/server/modelpath_test.go#L41-L58
- https://github.com/ollama/ollama/compare/v0.1.33...v0.1.34
- https://github.com/ollama/ollama/pull/4175
- https://www.vicarius.io/vsociety/posts/probllama-in-ollama-a-tale-of-a-yet-another-rce-vulnerability-cve-2024-37032
- https://github.com/ollama/ollama/blob/adeb40eaf29039b8964425f69a9315f9f1694ba8/server/modelpath_test.go#L41-L58
- https://github.com/ollama/ollama/compare/v0.1.33...v0.1.34
- https://github.com/ollama/ollama/pull/4175
- https://www.vicarius.io/vsociety/posts/probllama-in-ollama-a-tale-of-a-yet-another-rce-vulnerability-cve-2024-37032
Full detection coverage & IOCs for threats exploiting CVE-2024-37032 are available via the Threadlinqs MCP server (Purple tier). View plans →