A critical security vulnerability [1] [2], named Probllama (CVE-2024-37032) [1], has been identified in the Ollama open-source AI platform [5].
Description
This vulnerability, allowing for remote code execution [1] [3] [4] [6], was addressed in version 0.1.34 [3] [4] [6], released on May 7, 2024 [3] [4] [6]. The issue arises from inadequate input validation, resulting in a path traversal exploit that could potentially overwrite server files. By manipulating a model manifest file through the “/api/pull” API endpoint, attackers could achieve remote code execution [2]. The risk is heightened in Docker deployments where the server operates with root privileges and is publicly accessible. Despite the patch, over 1,000 vulnerable instances of Ollama are still active, emphasizing the urgency of upgrading to version 0.1.34 or newer. Furthermore, the lack of authentication in Ollama exposes users to unauthorized access and manipulation of AI models, underscoring the need for robust authentication measures to prevent breaches and unauthorized entry.
Conclusion
The discovery of the Probllama vulnerability in the Ollama AI platform highlights the potential risks associated with insufficient input validation and authentication mechanisms. It is crucial for users to promptly update to the latest version to mitigate the threat of remote code execution and unauthorized access. Moving forward, implementing strong authentication protocols is essential to safeguard AI models and prevent unauthorized breaches.
References
[1] https://smartphonemagazine.nl/en/2024/06/24/securing-ollama-protecting-your-ai-applications/
[2] https://www.wiz.io/blog/probllama-ollama-vulnerability-cve-2024-37032
[3] https://thehackernews.com/2024/06/critical-rce-vulnerability-discovered.html
[4] https://pledgetimes.com/ollama-new-ai-security-problem-then-resolved/
[5] https://www.krofeksecurity.com/index.php/2024/06/24/critical-rce-vulnerability-uncovered-in-ollama-ai-infrastructure-tool/
[6] https://api-security.blog/2024/06/24/critical-rce-vulnerability-discovered-in-ollama-ai-infrastructure-tool/