Ollama Ollama Denial-of-Service Vulnerability via Custom GGUF Model Upload

Vulnerability

A denial-of-service vulnerability has been identified in Ollama Ollama versions through 0.3.14. This issue allows a malicious user to create a custom GGUF model file, upload it to the Ollama server, and deploy it. The uploaded model can cause the server to use an unlimited amount of memory, resulting in a denial-of-service condition.

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition, causing the server to consume excessive memory and potentially become unresponsive.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

8.4

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

8.4

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ollama Ollama Denial-of-Service Vulnerability via Custom GGUF Model Upload

Vulnerability

Impact

Affected Products

ollama/ollama

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating