Vulnerabilities > CVE-2024-8063 - Divide By Zero vulnerability in Ollama 0.3.3

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

ollama

CWE-369

NVD

Published: 2025-03-20

Updated: 2025-05-13

Summary

A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for `block_count` in the Modelfile. This can lead to a denial of service (DoS) condition when the server processes the model, causing it to crash.

Vulnerable Configurations

Part	Description	Count
Application	Ollama Ollama Ollama 0.3.3	1

Common Weakness Enumeration (CWE)

CWE-369 - Divide By Zero

References

https://huntr.com/bounties/fd8e1ed6-21d2-4c9e-8395-2098f11b7db9