
AI tool still vulnerable to RCE bug despite patching. #cybersecurity

The article discusses “Probllama,” a vulnerability in Ollama, a popular open-source project used for running artificial intelligence models. Security researchers from Wiz discovered this remote code execution (RCE) vulnerability, tracked as CVE-2024-37032, which remains unpatched on many Ollama instances. Companies are prioritizing the transformative power of AI over security measures, which leaves them exposed to threat actors targeting these new tools, many of which are at an early stage of development and lack standardized security features.

Ollama is not alone: other tools such as TorchServe and Ray Anyscale have been vulnerable to similar RCE flaws. Ollama simplifies the deployment of AI models and is widely used, with hundreds of thousands of pulls per month on Docker Hub and over 70,000 stars on GitHub. An attacker can exploit the vulnerability by delivering a malicious manifest file when a user pulls a model from a private registry, potentially compromising the hosting environment.

The flaw is caused by insufficient server-side validation, which allows attackers to read and corrupt files without permission and to execute code remotely. The ease of exploitation makes the issue particularly severe in Docker installations. The researchers recommend not exposing Ollama installations to the internet without proper security processes in place. Overall, the article highlights the importance of balancing the adoption of new AI tools with robust security measures to protect against potential threats.
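
One way to do the server-side validation whose absence the paragraph above describes, as an added example that is not Ollama's code and not part of the original article. It assumes an OCI-style manifest whose layer digests become blob file names; the type names, the `blobPaths` function and the blob directory are hypothetical.

```go
package main

import (
	"encoding/json"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// Assumed OCI-style manifest shape; type and field names are illustrative.
type manifest struct {
	Layers []struct {
		Digest string `json:"digest"`
	} `json:"layers"`
}

// A digest must be exactly "sha256:" plus 64 lowercase hex characters.
var digestRe = regexp.MustCompile(`^sha256:[0-9a-f]{64}$`)

// blobPaths parses a pulled manifest and maps each layer digest to a file under
// blobDir. One malformed digest rejects the manifest before any file is touched.
func blobPaths(raw []byte, blobDir string) ([]string, error) {
	var m manifest
	if err := json.Unmarshal(raw, &m); err != nil {
		return nil, fmt.Errorf("parse manifest: %w", err)
	}
	root := filepath.Clean(blobDir)
	var paths []string
	for i, l := range m.Layers {
		if !digestRe.MatchString(l.Digest) {
			return nil, fmt.Errorf("layer %d: malformed digest %q", i, l.Digest)
		}
		p := filepath.Join(root, strings.Replace(l.Digest, ":", "-", 1))
		// Defense in depth: the joined path must still sit inside root.
		if !strings.HasPrefix(p, root+string(filepath.Separator)) {
			return nil, fmt.Errorf("layer %d: path escapes %s", i, root)
		}
		paths = append(paths, p)
	}
	return paths, nil
}

func main() {
	// Constructed input: the second value is not a digest, so the pull is refused.
	raw := `{"layers":[{"digest":"sha256:` + strings.Repeat("ab", 32) + `"},{"digest":"../outside"}]}`
	_, err := blobPaths([]byte(raw), "/srv/models/blobs")
	fmt.Println("rejected:", err)
}
```

The check runs on the host that receives the manifest, so it holds no matter which registry supplied the file.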

Source link: https://www.govinfosecurity.com/patched-weeks-ago-rce-bug-in-ai-tool-still-probllama-a-25611
