Vulnerabilities > CVE-2025-0317 - Divide By Zero vulnerability in Ollama

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
ollama
CWE-369

Summary

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Service (DoS) attack.

Vulnerable Configurations

Part Description Count
Application
Ollama
132

Common Weakness Enumeration (CWE)