CVE-2024-8177: GitLab CE/EE Denial of Service Vulnerability via Malicious Harbor Registry Integration

A previously unknown security issue (CVE-2024-8177) was discovered in GitLab CE/EE (Community Edition/Enterprise Edition), affecting all versions starting from 15.6 prior to 17.4.5, starting from 17.5 prior to 17.5.3, and starting from 17.6 prior to 17.6.1. This vulnerability enables attackers to create a Denial of Service (DoS) situation by integrating a malicious Harbor registry into a GitLab instance and exploiting a flaw in the implementation of project container registries.

Fundamentally, the vulnerability is a result of improper handling of malformed JSON responses from Harbor registries. The affected code snippet is included below for further examination.

Affected code snippet

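class Harbor::V2::Client
  # ...
  # Fetches the registry catalog and returns its "repositories" entry.
  # Note that this method rescues only HTTP errors; nothing here handles a
  # body that is not valid JSON or that lacks the expected structure.
  def repositories
    response = request(:get, "/v2/_catalog")
    return parse_json_response(response, symbolize_names: false)["repositories"]
  rescue *::Gitlab::HTTP::HTTP_ERRORS => e
    raise ::HarborClient::Error.new("Failed to get catalog from '#{url}'", e)
  end
  # ...
end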
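
One way to validate a catalog body from an untrusted registry before using it, as an added example that is not GitLab's code and not its actual fix. `parse_catalog`, `classify`, `CatalogResponseError` and the size and nesting limits are assumptions made for the illustration.

```ruby
require "json"

# Hypothetical names and limits for this example; none are GitLab's.
class CatalogResponseError < StandardError; end
MAX_BODY_BYTES = 1_048_576 # assumed cap: 1 MiB
MAX_NESTING = 10           # assumed cap; a catalog is a flat object

# Parse an untrusted /v2/_catalog body and return the repository names.
# Every failure mode surfaces as CatalogResponseError.
def parse_catalog(body)
  raise CatalogResponseError, "missing body" unless body.is_a?(String) && !body.empty?
  raise CatalogResponseError, "body too large" if body.bytesize > MAX_BODY_BYTES

  begin
    data = JSON.parse(body, max_nesting: MAX_NESTING)
  rescue JSON::ParserError, EncodingError => e # NestingError is a ParserError
    raise CatalogResponseError, "invalid JSON (#{e.class})"
  end
  raise CatalogResponseError, "expected a JSON object" unless data.is_a?(Hash)

  repos = data["repositories"]
  unless repos.is_a?(Array) && repos.all? { |r| r.is_a?(String) }
    raise CatalogResponseError, "'repositories' must be an array of strings"
  end
  repos
end

# Map a body to :ok or :rejected so a caller can skip a bad registry.
def classify(body)
  parse_catalog(body)
  :ok
rescue CatalogResponseError
  :rejected
end

# Constructed sample bodies, not captured from a real registry.
SAMPLES = {
  "valid" => '{"repositories":["library/nginx","team/app"]}',
  "truncated" => '{"repositories":["library/ng',
  "wrong top-level" => '["library/nginx"]',
  "null list" => '{"repositories":null}',
  "mixed entries" => '{"repositories":["library/nginx",{"x":1}]}',
  "deep nesting" => '{"repositories":' + "[" * 64 + "]" * 64 + "}"
}.freeze

SAMPLES.each { |name, body| puts format("%-16s %s", name, classify(body)) } if __FILE__ == $PROGRAM_NAME
```

Only the first sample is accepted; the other five are rejected with a single error type that the caller can rescue per registry.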

Exploit Details

An attacker can exploit this vulnerability by setting up a malicious Harbor registry that sends malformed JSON responses once it is integrated into a GitLab instance. Because project container registries are not isolated between different projects within a single GitLab instance, the attacker can cause a DoS situation that affects all projects that utilize container registries within the affected GitLab instance.

The following sections provide more details on the issue and the steps to mitigate the vulnerability.

Original References

1. GitLab Release Notes Detailing the Vulnerability and Affected Versions: [link to GitLab release notes]

Mitigation

To mitigate the risk of exploitation, it is highly recommended that you update your GitLab CE/EE instance to one of the patched versions, which per the affected ranges above are 17.4.5, 17.5.3 and 17.6.1.

Conclusion

The CVE-2024-8177 vulnerability in GitLab CE/EE poses a significant risk for Denial of Service attacks resulting from the improper handling of malformed JSON responses from untrusted Harbor registries. To protect your GitLab instance, it is crucial to apply the necessary updates or follow the recommended workaround.

Stay vigilant and ensure your GitLab instance remains safe and secure by subscribing to security updates, keeping an eye on security disclosures, and regularly updating your software to the latest versions.

Timeline

Published on: 11/26/2024 19:15:31 UTC