TLDR:
- Hackers targeted the Ollama AI platform to execute remote code, compromising valuable data and algorithms.
- A critical vulnerability (CVE-2024-37032) in Ollama allowed for remote code execution, affecting over 1000 instances.

Ollama AI Platform Flaw Let Attackers Execute Remote Code
Researchers at Wiz Research discovered a critical Remote Code Execution vulnerability (CVE-2024-37032) in the popular Ollama AI infrastructure platform. The flaw allowed threat actors to execute remote code, potentially compromising proprietary models and sensitive information hosted on the platform. Despite responsible disclosure, many internet-facing Ollama instances were still running vulnerable versions, which underlines the importance of updating to version 0.1.34 or later.
Wiz researchers found that the vulnerability in the Ollama server led to arbitrary file overwrites and remote code execution, and that it was particularly severe in Docker installations with root privileges. The issue stemmed from insufficient input validation in the /api/pull endpoint, which enabled path traversal via malicious manifest files. The attack could escalate to remote code execution by tampering with certain files, even in non-root installations.
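The kind of input validation whose absence is described above, as an added example (not Ollama's own code and not from the article). It assumes a manifest whose layers each carry a `digest` field that the server turns into a file name; the names `BlobPath`, `BlobPaths`, the JSON layout and the `/srv/models/blobs` directory are hypothetical.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
)

var ErrBadDigest = errors.New("digest is not sha256:<64 hex chars>")
var digestRe = regexp.MustCompile(`^sha256:[0-9a-f]{64}$`)

// BlobPath maps an untrusted digest to a file that must sit directly in blobDir.
func BlobPath(blobDir, digest string) (string, error) {
	if !digestRe.MatchString(digest) { // allow-list: '/', '\' and '.' never pass
		return "", ErrBadDigest
	}
	root := filepath.Clean(blobDir)
	p := filepath.Join(root, "sha256-"+digest[len("sha256:"):])
	if filepath.Dir(p) != root { // defence in depth: still a direct child of root
		return "", fmt.Errorf("path %q escapes %q", p, root)
	}
	return p, nil
}

// BlobPaths checks every layer digest; one bad digest rejects the whole manifest.
func BlobPaths(blobDir string, raw []byte) ([]string, error) {
	var m struct { // assumed manifest shape: layers[].digest
		Layers []struct{ Digest string `json:"digest"` } `json:"layers"`
	}
	if err := json.Unmarshal(raw, &m); err != nil {
		return nil, err
	}
	var paths []string
	for i, l := range m.Layers {
		p, err := BlobPath(blobDir, l.Digest)
		if err != nil {
			return nil, fmt.Errorf("layer %d: %w", i, err)
		}
		paths = append(paths, p)
	}
	return paths, nil
}

func main() { // constructed sample: the digest is a relative path, not a hash
	_, err := BlobPaths("/srv/models/blobs", []byte(`{"layers":[{"digest":"../../tmp/example"}]}`))
	fmt.Println(err)
}
```

The format check is the primary control; the parent-directory comparison only catches a regression if the allow-list is ever loosened.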
Ollama users are urged to update their instances, implement authentication measures, and avoid exposing the platform publicly to mitigate the risk of exploitation. The disclosure timeline and subsequent actions show a proactive approach to addressing the vulnerability and enhancing AI security measures.