CVE-2025-0312
Published: 20 March 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-0312 is a vulnerability in ollama/ollama versions up to and including 0.3.14 that results from an unchecked null pointer dereference (CWE-476). A malicious user can create a customized GGUF model file, which, when uploaded and processed on the Ollama server, triggers the dereference and causes a crash.
The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), meaning it can be exploited remotely over the network with low attack complexity and no privileges or user interaction required. An unauthenticated attacker can upload the malicious GGUF model file to the server, achieving a Denial of Service (DoS) by crashing the service and disrupting availability.
Mitigation details are available in the referenced advisory at https://huntr.com/bounties/522c87b6-a7ac-41b2-84f3-62fd58921f21.
Details
- CWE(s)
Affected Products
AI Security Analysis
- AI Category
- APIs and Models
- Risk Domain
- Supply Chain and Deployment
- OWASP Top 10 for LLMs 2025
- None mapped
- MITRE ATLAS Techniques
- None mapped
- Classification Reason
- Ollama is an open-source platform for local deployment, management, and serving of LLMs using GGUF model files, fitting the 'Other Platforms' category as it provides runtime and API services for AI models.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables remote denial of service by crashing the Ollama server application through exploitation of an unchecked null pointer dereference when processing a malicious GGUF model file.