GitLab Security Release Fixes Critical File Overwrite Vulnerability

Rohan Timalsina

February 12, 2024 - TuxCare expert team

GitLab has released patches for a critical vulnerability affecting both its Community Edition (CE) and Enterprise Edition (EE). The flaw, tracked as CVE-2024-0402, carries a CVSS score of 9.9 out of 10 and allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.

According to GitLab's advisory, the vulnerability affects CE/EE versions from 16.0 before 16.5.8, 16.6 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1. Because exploitation only requires an authenticated account, any self-managed instance that exposes sign-up or hosts many low-privilege users should treat this as an urgent upgrade. The fix ships in 16.6.6, 16.7.4, and 16.8.1, and GitLab has additionally backported it to 16.5.8. Note that 16.5.8 contains only the fix for CVE-2024-0402 and none of the other fixes in this release.

Other Fixed GitLab Security Vulnerabilities

In addition to the critical vulnerability, this security release resolves four medium-severity flaws in GitLab. They are:

CVE-2023-6159 (CVSS Severity Score: 6.5 Medium)

This issue affects GitLab CE/EE versions from 12.7 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1. A maliciously crafted Cargo.toml file (the manifest format used by Rust's Cargo) triggers a Regular Expression Denial of Service (ReDoS) when GitLab parses it, tying up server resources.

CVE-2023-5933 (CVSS Severity Score: 6.4 Medium)

This issue affects GitLab CE/EE versions from 13.7 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1. Insufficient sanitization of user names allows an attacker to craft arbitrary API PUT requests.

CVE-2023-5612 (CVSS Severity Score: 5.3 Medium)

This issue affects all GitLab versions before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1. Even when a user had hidden their email address in their profile settings, the address could still be retrieved through the tags feed.

CVE-2024-0456 (CVSS Severity Score: 4.3 Medium)

This authorization flaw affects GitLab versions from 14.0 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1. It allows a user who lacks the required permission to assign arbitrary users to merge requests (MRs) that user created within the project.
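Because each fix is released per maintained branch, "am I affected?" is a per-branch question rather than a single threshold: 16.5.9 is clear of CVE-2024-0402 but 16.6.0 is not, and 16.5.8 closes the critical flaw while still matching the four medium ones. The script below is an added example written for this article, not GitLab's own tooling. It transcribes the ranges listed above for all five CVEs, reports which ones a given version string still falls into, and picks the lowest release from this advisory that clears all of them. The input format (a version such as "16.7.3-ee", as printed on the Version line of `sudo gitlab-rake gitlab:env:info` or returned by the authenticated /api/v4/version endpoint) and the sample versions are assumptions for illustration.

```python
"""Check a GitLab version against the fixed ranges of this security release.

Added example for this article; it is not GitLab's own tooling. The ranges
below are transcribed from the advisory as summarized in the text above.
"""
from __future__ import annotations

from dataclasses import dataclass

Version = tuple[int, int, int]


def parse_version(text: str) -> Version:
    """Parse '16.7.3-ee', '16.8.0' or '16.5.8-ce.0' into (16, 7, 3).

    The edition suffix (-ee/-ce) and package revision are dropped. Anything that
    is not a three-part numeric version raises ValueError instead of silently
    comparing as "clean".
    """
    core = text.strip().split("-", 1)[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a MAJOR.MINOR.PATCH GitLab version: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


@dataclass(frozen=True)
class Affected:
    """Half-open range [start, fixed); start is None when every earlier version is affected."""

    start: Version | None
    fixed: Version

    def contains(self, v: Version) -> bool:
        return (self.start is None or v >= self.start) and v < self.fixed


# One entry per maintained branch; the first fixed release on a branch is the
# exclusive upper bound of that branch's range.
ADVISORY: dict[str, list[Affected]] = {
    # critical: arbitrary file write on the server during workspace creation
    "CVE-2024-0402": [Affected((16, 0, 0), (16, 5, 8)), Affected((16, 6, 0), (16, 6, 6)),
                      Affected((16, 7, 0), (16, 7, 4)), Affected((16, 8, 0), (16, 8, 1))],
    # medium: ReDoS via a crafted Cargo.toml
    "CVE-2023-6159": [Affected((12, 7, 0), (16, 6, 6)), Affected((16, 7, 0), (16, 7, 4)),
                      Affected((16, 8, 0), (16, 8, 1))],
    # medium: user-name sanitization allows arbitrary API PUT requests
    "CVE-2023-5933": [Affected((13, 7, 0), (16, 6, 6)), Affected((16, 7, 0), (16, 7, 4)),
                      Affected((16, 8, 0), (16, 8, 1))],
    # medium: email address exposed via the tags feed despite visibility setting
    "CVE-2023-5612": [Affected(None, (16, 6, 6)), Affected((16, 7, 0), (16, 7, 4)),
                      Affected((16, 8, 0), (16, 8, 1))],
    # medium: assigning arbitrary users to merge requests without authorization
    "CVE-2024-0456": [Affected((14, 0, 0), (16, 6, 6)), Affected((16, 7, 0), (16, 7, 4)),
                      Affected((16, 8, 0), (16, 8, 1))],
}


def affected_cves(version_text: str) -> list[str]:
    """Return the CVEs from this release that the given version is still exposed to."""
    v = parse_version(version_text)
    return sorted(cve for cve, ranges in ADVISORY.items() if any(r.contains(v) for r in ranges))


def upgrade_target(version_text: str) -> str:
    """Lowest release from this advisory, at or above the given version, clearing all five CVEs.

    16.5.8 is never chosen for an affected 16.5.x install: it fixes only
    CVE-2024-0402, so the four medium issues still match and the next clean
    release, 16.6.6, is returned instead.
    """
    v = parse_version(version_text)
    if not affected_cves(version_text):
        return version_text
    candidates = {r.fixed for ranges in ADVISORY.values() for r in ranges}
    clean = [c for c in candidates if c >= v and not affected_cves(".".join(map(str, c)))]
    return ".".join(map(str, min(clean)))


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real instance.
    for sample in ("16.8.0-ee", "16.5.8-ee", "15.11.13", "16.8.1"):
        cves = affected_cves(sample)
        print(f"{sample:12} affected by {cves or 'nothing in this release'}; "
              f"upgrade to {upgrade_target(sample)}")
```

The half-open ranges and the lexicographic tuple comparison are what make the branch logic correct; a naive "version < 16.8.1" check would wrongly flag a patched 16.6.6 or 16.7.4 install, and a naive "version >= 16.5.8" check would wrongly clear a 16.6.0 install.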

Conclusion

This security release came just two weeks after GitLab patched two other critical vulnerabilities, one of which allowed account takeover without any user interaction because password reset emails could be sent to an unverified, attacker-controlled address (CVE-2023-7028, CVSS score: 10.0). Users are strongly advised to upgrade their GitLab installations to the patched versions as soon as possible. Administrators still on 16.5 should note that 16.5.8 only closes the critical flaw; the four medium-severity issues remain until the instance moves to 16.6.6 or later.


The sources for this article include a story from TheHackerNews and GitLab Releases.
