CVE-2024-8063
Published: 20 March 2025
Summary
CVE-2024-8063 is a high-severity Divide By Zero (CWE-369) vulnerability in Ollama (ollama/ollama). Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); it is ranked at the 20.3rd percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Other Platforms; in the Supply Chain and Deployment risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-11 (Error Handling).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly remediates the divide-by-zero flaw in ollama v0.3.3 by identifying, patching, and verifying fixes for CVE-2024-8063.
- Validates Modelfile inputs such as block_count to block crafted values that trigger divide-by-zero during GGUF model import.
- Implements error handling to prevent server crashes from unhandled exceptions like divide-by-zero during model processing.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The divide-by-zero vulnerability in Ollama allows exploitation to crash the server during model import, enabling endpoint denial of service via application exploitation.
NVD Description
A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for `block_count` in the Modelfile. This can lead to a denial of service (DoS) condition when the server processes the model, causing it to crash.
Deeper analysis
CVE-2024-8063, published on 2025-03-20, is a divide-by-zero vulnerability (CWE-369) affecting ollama/ollama version v0.3.3. The issue arises during the import of GGUF models when a crafted type is specified for the `block_count` parameter in the Modelfile. When the server processes such a model, the vulnerability is triggered and the process crashes, resulting in a denial of service (DoS) condition. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
The vulnerability is exploitable by any unauthenticated remote attacker with network access to the Ollama server. By providing a specially crafted GGUF model via a Modelfile, the attacker can induce a server crash during model import and processing, achieving a denial of service that disrupts availability without impacting confidentiality or integrity.
Advisories and mitigation details are available in the Huntr bounty report at https://huntr.com/bounties/fd8e1ed6-21d2-4c9e-8395-2098f11b7db9.
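The two controls named above (SI-10 input validation and SI-11 error handling) applied to the `block_count` failure mode, as an added Go example that is not Ollama's own code: the metadata key name `llama.block_count`, the use of the value as a divisor, and the constructed mistyped metadata are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// Key name is an assumption; GGUF prefixes it with the architecture name.
const blockCountKey = "llama.block_count"

var ErrBadBlockCount = errors.New("gguf: block_count must be a positive integer")

// naiveBlockCount shows the failure mode: an unchecked type assertion on a
// mistyped value silently yields 0, which then flows into a division.
func naiveBlockCount(meta map[string]any) uint64 {
	n, _ := meta[blockCountKey].(uint64) // wrong type => n == 0
	return n
}

// safeBlockCount checks presence, type and range (SI-10 input validation)
// before the value can reach any arithmetic.
func safeBlockCount(meta map[string]any) (uint64, error) {
	var n uint64
	switch v := meta[blockCountKey].(type) {
	case uint32:
		n = uint64(v)
	case uint64:
		n = v
	default: // missing key (nil) or a crafted type such as a string
		return 0, fmt.Errorf("%w: got %T", ErrBadBlockCount, v)
	}
	if n == 0 {
		return 0, ErrBadBlockCount
	}
	return n, nil
}

// layersPerBlock is the division step; recover() converts the runtime panic
// that would otherwise crash the server into a returned error (SI-11).
func layersPerBlock(layers, blocks uint64) (n uint64, err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("model processing failed: %v", r)
		}
	}()
	return layers / blocks, nil
}
```

With constructed metadata `map[string]any{blockCountKey: "32"}` (a string where an integer is expected), `naiveBlockCount` returns 0 and the division panics, while `safeBlockCount` rejects the value before any arithmetic runs.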
Details
- CWE(s): CWE-369 (Divide By Zero)
- Affected Products: ollama/ollama v0.3.3
AI Security Analysis
- AI Category: Other Platforms
- Risk Domain: Supply Chain and Deployment
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Ollama is an open-source platform for running large language models (LLMs) locally, including model import and inference via an API. The vulnerability affects model import (GGUF/Modelfile processing), which is core to its AI/ML functionality.