CVE-2024-45436 is a critical security vulnerability identified in the Ollama software prior to version 0.1.47, specifically in the extractFromZipFile function located in model.go. The vulnerability is classified as CWE-22, a directory traversal flaw, which allows an attacker to manipulate the extraction process of ZIP archives so that files can be written outside the intended parent directory. This occurs because the function does not properly sanitize or validate the paths of files within the ZIP archive, enabling crafted archive members to escape the extraction root directory. Exploiting this vulnerability can lead to arbitrary file overwrite or creation on the target system, potentially allowing an attacker to place malicious files, modify configuration files, or overwrite critical system files, thereby compromising confidentiality and integrity. The vulnerability has a CVSS v3.1 base score of 9.1, indicating a critical severity with network attack vector, low attack complexity, no privileges required, and no user interaction needed. The scope is unchanged, meaning the impact is confined to the vulnerable component. Although no exploits are currently known in the wild, the ease of exploitation and the severity of impact make this a high-priority issue. The vulnerability affects all versions of Ollama prior to 0.1.47, though exact affected versions are not specified. No official patches or mitigations are linked yet, but upgrading to 0.1.47 or later is expected to resolve the issue.

The impact of CVE-2024-45436 is significant for organizations using vulnerable versions of Ollama, especially those processing ZIP files from untrusted or external sources. Successful exploitation can lead to arbitrary file writes outside the intended directory, enabling attackers to overwrite critical files, implant backdoors, or alter application behavior. This compromises the confidentiality and integrity of the system and data. While availability is not directly impacted, the resulting unauthorized file modifications could lead to system instability or facilitate further attacks. Organizations relying on Ollama in production environments, particularly in automated workflows or cloud deployments, face increased risk of supply chain or lateral movement attacks. The vulnerability's network accessibility and lack of authentication requirements increase the attack surface, making it a high-risk threat globally. Without timely remediation, attackers could leverage this flaw to gain persistent footholds or escalate privileges indirectly.

To mitigate CVE-2024-45436, organizations should immediately upgrade Ollama to version 0.1.47 or later once available, as this version addresses the directory traversal issue. Until an upgrade is possible, implement strict input validation to reject ZIP archives containing suspicious path elements such as '../' sequences or absolute paths. Employ sandboxing or containerization to isolate the extraction process, limiting the potential impact of any malicious file writes. Monitor file system changes in directories where ZIP files are extracted to detect unauthorized modifications. Additionally, restrict the sources of ZIP files to trusted origins and use file integrity monitoring tools to verify critical files have not been altered. Security teams should also review application logs for unusual extraction activities and consider deploying host-based intrusion detection systems (HIDS) to alert on suspicious file operations. Finally, coordinate with Ollama developers or vendors for official patches and security advisories.