Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama
Ollama's memory not cleared between requests exposes chat history to attackers.
Deep Dive
A Reddit user submitted a post with a link and comments.
Key Points
- No authentication required: any network-accessible Ollama instance is exploitable.
- Attackers can read prompts, responses, and residuals from other users' sessions.
- Fixed in version 0.5.0; older versions must be updated or isolated immediately.
Why It Matters
Ollama's memory leak exposes sensitive AI conversations to any network attacker, risking data breaches.