Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama
Posted by exintrovert420@reddit | LocalLLaMA | View on Reddit | 13 comments
soyalemujica@reddit
llama.cpp also has a memory leak on Windows, at least with Vulkan: it begins to use a lot of memory over time for no reason until restarted.
LinkSea8324@reddit
Nothing here related to production
ayylmaonade@reddit
buddy, 98% of the people here are hobbyists. what an incredibly stupid comment.
soyalemujica@reddit
What do you mean?? Of course the issue does not occur on Linux, Linux is a thousand times better than Windows. But this specific issue only occurs with Windows + Vulkan + the latest llama.cpp.
MelodicRecognition7@reddit
There are two kinds of "memory leaks". The first is what you describe: an app eats much more memory than it needs because the vibecoders forgot to free() unused memory. The second is when an app returns parts of its reserved memory (or, even worse, parts of system memory) to a user sending a specially crafted request; those parts of memory could contain logins, passwords, encryption keys, and other sensitive information. I did not check the OP link, but judging by the words "Critical Unauthenticated" this is the second kind of memory leak, which means that if your ollama instance is open to the whole Internet then you are fucked.
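Roughly, the second kind looks like this (a minimal Go sketch, not Ollama's actual code; the route and the client-supplied `len` parameter are made up for illustration):

```go
package main

import (
	"net/http"
	"strconv"
)

// One buffer reused for every request: after request A is handled,
// it still contains A's bytes until something overwrites them.
var buf = make([]byte, 64*1024)

func echo(w http.ResponseWriter, r *http.Request) {
	// How many bytes this client actually sent.
	n, _ := r.Body.Read(buf)

	// BUG: trust a client-supplied length instead of n.
	// A crafted request claiming len > n gets back stale bytes
	// left over from previous clients: the second kind of "leak".
	claimed, err := strconv.Atoi(r.URL.Query().Get("len"))
	if err != nil || claimed < 0 || claimed > len(buf) {
		claimed = n
	}
	w.Write(buf[:claimed]) // the safe version would be buf[:n]
}

func main() {
	http.HandleFunc("/echo", echo)
	http.ListenAndServe(":8080", nil)
}
```

The app never runs out of memory, so it looks healthy, but every over-long read ships someone else's data out the door.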
soyalemujica@reddit
This is not an Ollama issue. It's llama.cpp.
MelodicRecognition7@reddit
I mean that "llama.cpp also has a memory leak" is not relevant to this thread, because that is the first type of memory leak (a code issue) and this thread is about the second (a security issue).
Finanzamt_Endgegner@reddit
yet another reason to not use ollama 😅
finevelyn@reddit
It's a bug, but not a vulnerability in the sense described in the article. The model management API is not meant to be exposed to unauthenticated users. You'd be crazy to expose llama-server, vLLM, or any of these other inference engines directly to unauthenticated users as well; they are not secure.
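The usual fix is to keep the engine on loopback and put something that does auth in front of it. A minimal sketch in Go, assuming Ollama on its default local port 11434; the `PROXY_TOKEN` variable and bearer scheme are just illustrative, not anything Ollama ships:

```go
package main

import (
	"net/http"
	"net/http/httputil"
	"net/url"
	"os"
)

func main() {
	// Ollama's default listen address; only the proxy is public.
	target, err := url.Parse("http://127.0.0.1:11434")
	if err != nil {
		panic(err)
	}
	proxy := httputil.NewSingleHostReverseProxy(target)

	// PROXY_TOKEN is an illustrative name for a shared secret.
	token := "Bearer " + os.Getenv("PROXY_TOKEN")

	http.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Reject anything without the expected token before it
		// ever reaches the unauthenticated management API.
		if r.Header.Get("Authorization") != token {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		proxy.ServeHTTP(w, r)
	}))

	// The only port exposed to the outside world.
	http.ListenAndServe(":8443", nil)
}
```

Keeping the engine bound to 127.0.0.1 (the default) and exposing only the proxy is the part that matters; the exact token scheme is incidental.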
leonbollerup@reddit
shut up.. we must hate ollama.. this is the way!!
autonomousdev_@reddit
Yo, shipped an MVP with Ollama and thought nothing of it. Saw this post and yeah, checked the logs. Three instances had just been running for days with defaults. Patched in an hour. This is why you pin versions in Dockerfiles.
MoffKalast@reddit
People are still using ollama?
Due-Memory-6957@reddit
One good thing to come out of these shortages is that people care about memory leaks again instead of just letting it ride