8.2

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-39720

GHSA ID

GHSA-95j2-w8x7-hm88

EPSS Score

0.43837%

CWE

CWE-125

Published

10/31/2024

Updated

12/12/2024

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-39720

CVE-2024-39720: Ollama Out-of-bounds Read

An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF file containing just 4 bytes starting with the GGUF custom magic header. By leveraging a custom Modelfile that includes a FROM statement pointing to the attacker-controlled blob file, the attacker can crash the application through the CreateModel route, leading to a segmentation fault (signal SIGSEGV: segmentation violation).

(GitHub Advisory)

8.2

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-39720

GHSA ID

GHSA-95j2-w8x7-hm88

EPSS Score

0.43837%

CWE

CWE-125

Published

10/31/2024

Updated

12/12/2024

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/ollama/ollama	go	< 0.1.46	0.1.46

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability manifests in the CreateModel route handler (server/routes.go) where user-supplied GGUF files are processed. The GitHub advisory's diff link points to line 417 in routes.go, suggesting modifications to validation logic in this area. The OOB read occurs when parsing malformed GGUF files, implicating both the HTTP handler (failure to validate() input) and the low-level GGUF parser (lack of bounds checks). Confidence is high for CreateModelHandler due to direct route involvement, and medium for GGUF parsing functions due to indirect evidence from the vulnerability mechanics.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n issu* w*s *is*ov*r** in Oll*m* ***or* *.*.**. *n *tt**k*r **n us* two *TTP r*qu*sts to uplo** * m*l*orm** **U* *il* *ont*inin* just * *yt*s st*rtin* wit* t** **U* *ustom m**i* *****r. *y l*v*r**in* * *ustom Mo**l*il* t**t in*lu**s * *ROM st*t*m*nt

Reasoning

T** vuln*r**ility m*ni**sts in t** `*r**t*Mo**l` rout* **n*l*r (s*rv*r/rout*s.*o) w**r* us*r-suppli** **U* *il*s *r* pro**ss**. T** *it*u* **visory's *i** link points to lin* *** in `rout*s.*o`, su***stin* mo*i*i**tions to v*li**tion lo*i* in t*is *r

8.2

Basic Information

Concerned about an active attack path?

CVE-2024-39720: Ollama Out-of-bounds Read

8.2

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI