CVE-2026-42249— Remote Code Execution in Ollama via Update Mechanism

Remote Code Execution in Ollama via Update Mechanism

Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These values are passed directly to filepath.Join, allowing path traversal sequences (../) to be resolved and enabling files to be written outside the intended update staging directory. An attacker who can influence update responses can exploit this flaw to write arbitrary executables to attacker‑chosen locations accessible to the current user, including the Windows Startup directory. This allows execution of arbitrary executables. Critically, when chained with CVE‑2026‑42248 (Missing Signature Verification for Updates), an attacker can deliver malicious payloads that are written to sensitive locations and executed automatically. Because Ollama for Windows performs silent automatic updates and executes staged binaries without user interaction, this results in automatic and persistent code execution without user awareness. Maintainers of this project were notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Versions from 0.12.10 to 0.17.5 were tested and confirmed as vulnerable, other versions were not tested but might also be vulnerable.

N/A

下载代码缺少完整性检查

Ollama 路径遍历漏洞

Ollama是Ollama开源的一个可以在本地设备上运行、管理和自定义大语言模型的工具。 Ollama 0.12.10版本至0.17.5版本存在路径遍历漏洞，该漏洞源于更新机制中处理攻击者控制的HTTP响应标头不当，应用程序使用从HTTP标头派生的值构造本地文件路径而未验证，这些值直接传递给filepath.Join，允许路径遍历序列被解析，可能导致文件写入预期更新暂存目录之外的位置，攻击者可利用此漏洞将任意可执行文件写入攻击者选择的位置，包括Windows启动目录，导致执行任意可执行文件。

N/A

N/A