A newly discovered vulnerability (CVE-2024-37032) exists in Ollama before version .1.34 where the format of the digest (sha256 with 64 hex digits) is not appropriately validated during the process of obtaining the model path. Consequently, this leads to the mishandling of TestGetBlobsPath test cases when there are either less or more than 64 hex digits, or when the initial ../ substring is present.
Details
Ollama, the popular data serialization framework, is vulnerable to a security flaw in the versions older than .1.34. The vulnerability manifests in the way the software handles the TestGetBlobsPath test cases, specifically the lack of robust validation of the digest format.
When processing the TestGetBlobsPath test cases, the expected digest format is a sha256 value with exactly 64 hexadecimal digits. However, the vulnerable versions of Ollama fail to correctly validate the format, leading to potential security risks if the test case contains fewer or more than 64 hexadecimal digits or starts with a ../ substring.
The vulnerable code snippet can be found in the ollama/src/blob.rs file
pub fn get_blobs_path(cache: &Path, blobs: &Blobs) -> PathBuf {
let mut output = cache.join("blobs/sha256");
...
output.push(&blobs.digest);
...
output
}
This code does not include any checks for the proper format of the blobs.digest variable, potentially causing the path traversal vulnerability.
Exploit
The primary risk associated with this vulnerability is unauthorized access to sensitive information, particularly if an attacker can craft a malicious TestGetBlobsPath test case. By manipulating the digest format, an attacker can potentially access information stored outside of the intended model path.
For fewer than 64 hex digits
{
"digest": "b829ef378cbb42aa1157916e3ca5bc829"
}
For more than 64 hex digits
{
"digest": "a2564f78d9b9c09ac321c9af91e567123456789abcdef0123456789abcdef01abc"
}
For initial ../ substring
{
"digest": "../secret_files/e4b27fb1e50e2028a0142928391cee918e25c"
}
Mitigation
The developers of Ollama have addressed this vulnerability in version .1.34. To mitigate the risk associated with CVE-2024-37032:
Update to the latest version of Ollama (.1.34 or later)
2. Ensure your software correctly validates the digest format before processing TestGetBlobsPath test cases.
Original References
- Ollama GitHub Repository: https://github.com/ollama/ollama
- CVE-2024-37032 (NVD): https://nvd.nist.gov/vuln/detail/CVE-2024-37032
- Ollama Version .1.34 Release Notes: https://github.com/ollama/ollama/releases/tag/v.1.34
Conclusion
CVE-2024-37032 is a critical vulnerability in Ollama before version .1.34 that can lead to unauthorized access to sensitive information by exploiting the mishandling of TestGetBlobsPath test cases. By updating to the latest version and ensuring proper validation of digest formats, you can mitigate the risks associated with this vulnerability.
Timeline
Published on: 05/31/2024 04:15:09 UTC
Last modified on: 11/21/2024 09:23:05 UTC