
CVE-2025-0315:
Ollama Allocation of Resources Without Limits or Throttling vulnerability

CVSS Score (v3.0): 7.5

Basic Information

EPSS Score: 0.19664%
Published: 3/20/2025
Updated: 3/21/2025
KEV Status: No
Technology: Go

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Package Name             | Ecosystem | Vulnerable Versions | First Patched Version
github.com/ollama/ollama | go        | (not shown)         | (not shown)

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability stems from processing untrusted GGUF model files during creation/loading. The CreateModel endpoint (ModelHandler) would be the entry point for accepting malicious uploads, while LoadGGUF (GGUF parser) would handle the actual memory allocation based on file metadata. Both lack resource limits: CreateModel doesn't enforce upload quotas, and LoadGGUF trusts the file's tensor size declarations without validation. This matches CWE-770's pattern of missing throttling/limits during resource allocation.
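As an added illustration of the missing checks described above (this is not Ollama's code and does not use the real GGUF layout), the following Go program parses a constructed, simplified GGUF-style header and refuses any declared size the loader cannot afford: it caps the tensor count before using it as a slice capacity, multiplies dimensions with overflow checks, and compares the running total against both a memory budget and the actual upload size before any tensor buffer would be reserved. The header layout, the caps, and the function names are assumptions made for the example.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
	"math"
)

// Constructed, simplified GGUF-style header used only for this illustration (not the real GGUF
// layout and not Ollama's parser). Little-endian throughout:
//   magic "GGUF" | version uint32 | tensorCount uint64
//   then tensorCount records: nDims uint32 | dims[nDims] uint64 | elemSize uint32
const (
	maxTensors = 1 << 16 // illustrative cap on the number of tensor records
	maxDims    = 4       // illustrative cap on dimensions per tensor
)

var ErrOversized = errors.New("declared tensor data exceeds the file size or memory budget")

// Tensor records what the header declared and the byte count derived from it.
type Tensor struct {
	Dims     []uint64
	ElemSize uint32
	NBytes   uint64
}

// ValidateHeader parses the header in data and checks every declared size before anything is
// allocated from it. fileSize is the real size of the uploaded file; budget is the most bytes the
// loader is willing to reserve for tensor data. It returns the total declared bytes.
func ValidateHeader(data []byte, fileSize, budget uint64) (uint64, []Tensor, error) {
	r := bytes.NewReader(data)
	var magic [4]byte
	if _, err := io.ReadFull(r, magic[:]); err != nil {
		return 0, nil, err
	}
	if string(magic[:]) != "GGUF" {
		return 0, nil, errors.New("bad magic")
	}
	var version uint32
	var tensorCount uint64
	if err := binary.Read(r, binary.LittleEndian, &version); err != nil {
		return 0, nil, err
	}
	if err := binary.Read(r, binary.LittleEndian, &tensorCount); err != nil {
		return 0, nil, err
	}
	// A count read from the file must be bounded before it becomes a slice capacity.
	if tensorCount > maxTensors {
		return 0, nil, fmt.Errorf("tensor count %d exceeds cap %d", tensorCount, maxTensors)
	}
	tensors := make([]Tensor, 0, tensorCount)
	var total uint64
	for i := uint64(0); i < tensorCount; i++ {
		var nDims uint32
		if err := binary.Read(r, binary.LittleEndian, &nDims); err != nil {
			return 0, nil, err
		}
		if nDims == 0 || nDims > maxDims {
			return 0, nil, fmt.Errorf("tensor %d: bad dimension count %d", i, nDims)
		}
		dims := make([]uint64, nDims)
		elems := uint64(1)
		for d := range dims {
			if err := binary.Read(r, binary.LittleEndian, &dims[d]); err != nil {
				return 0, nil, err
			}
			// Overflow-safe multiply: a product that wraps around could pass a naive size check.
			if dims[d] == 0 || elems > math.MaxUint64/dims[d] {
				return 0, nil, fmt.Errorf("tensor %d: element count overflow", i)
			}
			elems *= dims[d]
		}
		var elemSize uint32
		if err := binary.Read(r, binary.LittleEndian, &elemSize); err != nil {
			return 0, nil, err
		}
		if elemSize == 0 || elems > math.MaxUint64/uint64(elemSize) {
			return 0, nil, fmt.Errorf("tensor %d: byte size overflow", i)
		}
		nbytes := elems * uint64(elemSize)
		// The running total must fit both the loader's budget and the bytes the file can hold.
		if nbytes > budget-total || nbytes > fileSize-total {
			return 0, nil, fmt.Errorf("tensor %d: %w", i, ErrOversized)
		}
		total += nbytes
		tensors = append(tensors, Tensor{Dims: dims, ElemSize: elemSize, NBytes: nbytes})
	}
	return total, tensors, nil
}

// BuildHeader serialises a header in the constructed layout; used here to make sample inputs.
func BuildHeader(tensorDims [][]uint64, elemSize uint32) []byte {
	var b bytes.Buffer
	b.WriteString("GGUF")
	binary.Write(&b, binary.LittleEndian, uint32(3))
	binary.Write(&b, binary.LittleEndian, uint64(len(tensorDims)))
	for _, dims := range tensorDims {
		binary.Write(&b, binary.LittleEndian, uint32(len(dims)))
		for _, d := range dims {
			binary.Write(&b, binary.LittleEndian, d)
		}
		binary.Write(&b, binary.LittleEndian, elemSize)
	}
	return b.Bytes()
}

func main() {
	const budget = 64 << 20 // illustrative 64 MiB budget
	// Constructed benign header: two small float32 tensors, 64 + 64 bytes, in a 4 KiB file.
	good := BuildHeader([][]uint64{{4, 4}, {16}}, 4)
	total, _, err := ValidateHeader(good, 4096, budget)
	fmt.Println("benign:", total, err)
	// Constructed header declaring 2^60 elements inside the same 4 KiB file.
	_, _, err = ValidateHeader(BuildHeader([][]uint64{{1 << 40, 1 << 20}}, 4), 4096, budget)
	fmt.Println("oversized:", err)
	// Constructed header whose dimension product wraps a 64-bit integer.
	_, _, err = ValidateHeader(BuildHeader([][]uint64{{1 << 40, 1 << 40}}, 4), 4096, budget)
	fmt.Println("overflow:", err)
}
```

The point of checking against fileSize as well as the budget is that a header can only legitimately describe data the upload actually contains; a declaration larger than the file is malformed regardless of how much memory the host has.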

WAF Protection Rules

WAF Rule

A vulnerability in ollama/ollama <=[version masked on this page] allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service (DoS) atta
