CVE-2024-2651

6.5 MEDIUM (CVSS v3.1 base score)

📋 TL;DR

A user who can get markdown rendered by the server (issues, merge requests, comments, wiki pages, snippets) can submit crafted content that makes GitLab's markdown renderer consume disproportionate CPU and memory, degrading or denying service for everyone on the instance. GitLab CE and EE are both affected in the versions listed below. GitLab.com is patched by the vendor; the action item is for self-managed instances.

💻 Affected Systems

Products:
  • GitLab Community Edition
  • GitLab Enterprise Edition
Versions: All versions before 16.9.7, 16.10.0 to 16.10.4, 16.11.0 to 16.11.1
Operating Systems: All operating systems running GitLab
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all GitLab deployments regardless of configuration. The vulnerability is in markdown processing functionality.

📦 What is this software?

GitLab, by GitLab Inc.

GitLab is a complete DevOps platform providing source code management, CI/CD pipelines, security scanning, container registry, and collaboration tools used by millions of developers and thousands of enterprises worldwide. As both a cloud-hosted SaaS offering (GitLab.com) and self-managed software, G...

⚠️ Risk & Real-World Impact

🔴 Worst Case: the instance becomes unresponsive (e.g., application workers tied up rendering the crafted content or restarted for memory), so no user can reach repositories, CI/CD pipelines or the web UI until the offending content is removed and the workers recover.

🟠 Likely Case: partial degradation; pages and API calls that render the crafted content time out while unrelated requests still succeed.

🟢 If Mitigated: rate limits and restricted submission rights cap how fast an attacker can drive the renderer, so impact is limited to occasional slow requests. They do not remove the underlying bug, so some disruption remains possible until the patch is applied.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: No
Weaponized: LIKELY
Unauthenticated Exploit: No
Complexity: LOW

Exploitation requires the ability to get markdown rendered by the instance, e.g. by opening an issue or merge request, commenting, or editing wiki or snippet content. That means at least a registered account, or membership in a project that accepts contributions, so public instances with open sign-up and projects that let anyone open issues are the most exposed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 16.9.7, 16.10.5, or 16.11.2

Vendor Advisory: https://gitlab.com/gitlab-org/gitlab/-/issues/450830

Restart Required: Yes

Instructions:

1. Back up the instance first (Omnibus: sudo gitlab-backup create; also copy /etc/gitlab/gitlab.rb and /etc/gitlab/gitlab-secrets.json, which the backup does not include).
2. Update to 16.9.7, 16.10.5 or 16.11.2 (or later) using your installation's method: Omnibus package, Docker image, Helm chart or source. Stay within your current minor line (16.9 to 16.9.7, 16.10 to 16.10.5, 16.11 to 16.11.2) unless a minor upgrade is already planned.
3. Restart GitLab services if the update path did not already do so (Omnibus package upgrades run gitlab-ctl reconfigure and restart the services automatically).
4. Verify the running version (see How to Verify) and instance health with sudo gitlab-rake gitlab:check SANITIZE=true.

🔧 Temporary Workarounds

Restrict Markdown Input (all platforms)

Reduce who can submit markdown that the server renders: disable open sign-up or require admin approval for new accounts (Admin Area > Settings > General > Sign-up restrictions), keep projects private or limit issue and merge request creation to members, and block or remove accounts that post the offending content.

Rate Limit Markdown Processing (all platforms)

Use GitLab's built-in limits (Admin Area > Settings > Network: user and IP rate limits, issue and note creation limits) or reverse-proxy limits on the endpoints that render markdown (/-/preview_markdown, /api/v4/markdown, issue, note, merge request and wiki create/update). This slows an attacker down; it does not fix the renderer.

🧯 If You Can't Patch

  • Operators cannot add input validation to GitLab's markdown renderer itself; the practical substitute is limiting who can submit content and capping request rate and body size at the reverse proxy (Omnibus: nginx['client_max_body_size'] in gitlab.rb), accepting that this reduces rather than removes exposure
  • Monitor render latency and worker memory on the markdown endpoints and alert when a single user or IP produces repeated slow requests, so the offending content can be found and deleted quickly

🔍 How to Verify

Check if Vulnerable:

Check the running GitLab version (the /help page, Admin Area dashboard, the /api/v4/version endpoint, or the commands below). You are vulnerable if it is below 16.9.7, in 16.10.0 to 16.10.4, or in 16.11.0 to 16.11.1; ignore the -ce/-ee suffix on the version string. In a multi-node deployment, check every application node.

Check Version:

Omnibus, via the Rails app (the env:info output labels the version "Version:" under the "GitLab information" heading rather than "GitLab Version", so grep the heading):

sudo gitlab-rake gitlab:env:info | grep -A1 '^GitLab information'

Omnibus, same answer without booting Rails:

cat /opt/gitlab/embedded/service/gitlab-rails/VERSION

Any install, via the API (requires a personal access token):

curl -s -H "PRIVATE-TOKEN: $TOKEN" "https://gitlab.example.com/api/v4/version"

Verify Fix Applied:

After patching, confirm the reported version is 16.9.7 or later in the 16.9 line, 16.10.5 or later in the 16.10 line, or 16.11.2 or later (any later release line also counts), on every application node.
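The version ranges above are easy to get wrong by hand (16.9.8 is fixed, 16.10.2 is not), so here is an added Python example, not part of this page or of GitLab, that classifies a version against the three affected ranges. It accepts a bare version string, the JSON body returned by /api/v4/version, or the text printed by gitlab-rake gitlab:env:info; the layout assumed for that text (a "GitLab information" heading followed by a "Version:" line) and the sample inputs are constructed, not captured from a real instance.

```python
"""Classify a GitLab version against the CVE-2024-2651 affected ranges.

Input can be a bare version string, the JSON body of GET /api/v4/version,
or the text printed by `gitlab-rake gitlab:env:info`.
"""
import json
import re
import sys

# Affected ranges from the advisory, as [lower, upper) on (major, minor, patch):
# everything before 16.9.7, 16.10.0-16.10.4 and 16.11.0-16.11.1.
VULNERABLE_RANGES = (
    ((0, 0, 0), (16, 9, 7)),
    ((16, 10, 0), (16, 10, 5)),
    ((16, 11, 0), (16, 11, 2)),
)

_VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (major, minor, patch) from strings like '16.10.3-ee' or 'v16.11.1'.

    The -ce/-ee suffix GitLab appends is ignored on purpose: the fixed
    releases are the same for both editions.
    """
    match = _VERSION_RE.search(text)
    if not match:
        raise ValueError(f"no x.y.z version in {text!r}")
    return tuple(int(part) for part in match.groups())


def is_vulnerable(version_text):
    """True if the version sits inside one of the advisory's affected ranges."""
    version = parse_version(version_text)
    return any(low <= version < high for low, high in VULNERABLE_RANGES)


def version_from_api_json(body):
    """Version field of a GET /api/v4/version response body."""
    return json.loads(body)["version"]


def version_from_env_info(output):
    """GitLab version from `gitlab-rake gitlab:env:info` output.

    Assumed layout: a 'GitLab information' heading followed by a 'Version:'
    line. Other sections (GitLab Shell) have their own 'Version:' line, so
    the heading is what disambiguates.
    """
    in_gitlab_section = False
    for line in output.splitlines():
        stripped = line.strip()
        if stripped.startswith("GitLab information"):
            in_gitlab_section = True
        elif in_gitlab_section and stripped.startswith("Version:"):
            return stripped.split(":", 1)[1].strip()
    raise ValueError("no GitLab version found in env:info output")


def classify(text):
    """Detect which input shape was given and return (version, vulnerable)."""
    if text.lstrip().startswith("{"):
        version = version_from_api_json(text)
    elif "GitLab information" in text:
        version = version_from_env_info(text)
    else:
        version = text.strip()
    return version, is_vulnerable(version)


# Constructed samples (not real instance output) modelled on the two formats.
SAMPLE_ENV_INFO = """System information
System:         Ubuntu 22.04
Current User:   git
Ruby Version:   3.1.4p223

GitLab information
Version:        16.10.3-ee
Revision:       0123abcd
Directory:      /opt/gitlab/embedded/service/gitlab-rails

GitLab Shell
Version:        14.35.0
"""
SAMPLE_API_BODY = '{"version":"16.11.2-ee","revision":"89abcdef"}'

if __name__ == "__main__":
    # Usage: pipe either command's output in, or pass a version on the CLI;
    # with no input the constructed env:info sample is classified.
    if len(sys.argv) > 1:
        source = sys.argv[1]
    elif not sys.stdin.isatty():
        source = sys.stdin.read()
    else:
        source = SAMPLE_ENV_INFO
    found, vulnerable = classify(source)
    print(f"{found}: {'VULNERABLE' if vulnerable else 'not affected'}")
```

Typical use is sudo gitlab-rake gitlab:env:info | python3 check_version.py, or python3 check_version.py "$(curl -s -H "PRIVATE-TOKEN: $TOKEN" https://gitlab.example.com/api/v4/version)" with the hostname replaced by your own.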

📡 Detection & Monitoring

Log Indicators (GitLab's JSON logs, on Omnibus under /var/log/gitlab/gitlab-rails/: production_json.log for web requests, api_json.log for /api/v4):

  • Requests to markdown-rendering endpoints (/-/preview_markdown, /api/v4/markdown, issue, note, merge request and wiki create/update) with unusually high duration_s and cpu_s
  • Repeated 5xx or timeout responses on those endpoints, clustered on one meta.user or remote_ip
  • Puma or Sidekiq workers restarted for exceeding memory limits while such requests are in flight

Network Indicators:

  • A burst of POST/PUT requests carrying markdown to the endpoints above from a single source, often with large bodies
  • 502/504 responses from the reverse proxy on those requests while other paths respond normally

SIEM Query:

Splunk-style, using the field names GitLab writes to its JSON logs; the 5-second and 3-hit thresholds are illustrative and should be set from your instance's normal render times:

index=gitlab (source="*production_json.log" OR source="*api_json.log") (path="*preview_markdown*" OR path="/api/v4/markdown" OR controller="Projects::IssuesController" OR controller="Projects::NotesController") duration_s>5
| stats count max(duration_s) by meta.user remote_ip | where count>=3
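For instances without a SIEM, here is an added Python example, not code from this page or from GitLab, that applies the Log Indicators and the SIEM query above directly to production_json.log and api_json.log lines: it groups slow requests to the markdown-rendering surfaces by (meta.user, remote_ip) and reports sources that cross a hit count. The field names (duration_s, path, controller, remote_ip, meta.user) are the ones GitLab writes; the thresholds, the list of controllers to watch and the sample log lines are assumptions to tune, and the sample lines are constructed rather than captured.

```python
"""Flag a principal producing repeated slow requests to GitLab's
markdown-rendering endpoints, from production_json.log / api_json.log lines."""
import json
import sys
from collections import defaultdict

# Thresholds are assumptions; set them from your instance's normal render times.
SLOW_SECONDS = 5.0
MIN_HITS = 3

# Surfaces that render user-supplied markdown. The path fragments are the
# preview and API render endpoints; the controller names are the Rails
# controllers for issues, notes, merge requests and wikis (assumption: this
# list covers the surfaces worth watching for this advisory).
MARKDOWN_PATH_HINTS = ("/preview_markdown", "/api/v4/markdown")
MARKDOWN_CONTROLLERS = {
    "Projects::IssuesController",
    "Projects::NotesController",
    "Projects::MergeRequestsController",
    "Projects::WikisController",
}


def parse_line(line):
    """One JSON log record as a dict, or None for non-JSON lines (stderr noise)."""
    line = line.strip()
    if not line.startswith("{"):
        return None
    try:
        record = json.loads(line)
    except json.JSONDecodeError:
        return None
    return record if isinstance(record, dict) else None


def is_markdown_request(record):
    """True if the request hit one of the markdown-rendering surfaces."""
    path = record.get("path") or ""
    if any(hint in path for hint in MARKDOWN_PATH_HINTS):
        return True
    return record.get("controller") in MARKDOWN_CONTROLLERS


def find_slow_markdown_sources(lines, slow_seconds=SLOW_SECONDS, min_hits=MIN_HITS):
    """Group slow markdown requests by (meta.user, remote_ip) and return the
    groups with at least min_hits of them, with max duration and paths seen."""
    stats = defaultdict(lambda: {"hits": 0, "max_duration_s": 0.0, "paths": set()})
    for line in lines:
        record = parse_line(line)
        if record is None or not is_markdown_request(record):
            continue
        try:
            duration = float(record.get("duration_s", 0))
        except (TypeError, ValueError):
            continue  # malformed or missing duration: nothing to score
        if duration < slow_seconds:
            continue
        key = (record.get("meta.user") or "<anonymous>", record.get("remote_ip") or "?")
        entry = stats[key]
        entry["hits"] += 1
        entry["max_duration_s"] = max(entry["max_duration_s"], duration)
        entry["paths"].add(record.get("path") or "")
    return {key: entry for key, entry in stats.items() if entry["hits"] >= min_hits}


# Constructed sample log lines (not from a real instance), using the field
# names GitLab writes: time, method, path, controller, status, duration_s,
# cpu_s, remote_ip, meta.user. One stray non-JSON line is included on purpose.
SAMPLE_LOG = [
    '{"time":"2024-05-01T10:00:01Z","method":"POST","path":"/api/v4/markdown","status":200,"duration_s":12.3,"cpu_s":12.1,"remote_ip":"203.0.113.7","meta.user":"alice"}',
    '{"time":"2024-05-01T10:00:09Z","method":"POST","path":"/group/app/-/preview_markdown","status":200,"duration_s":0.2,"cpu_s":0.1,"remote_ip":"198.51.100.4","meta.user":"bob"}',
    '{"time":"2024-05-01T10:00:15Z","method":"POST","path":"/api/v4/markdown","status":200,"duration_s":15.1,"cpu_s":15.0,"remote_ip":"203.0.113.7","meta.user":"alice"}',
    'W, [2024-05-01T10:00:20 #1234]  WARN -- : stray non-JSON line to be skipped',
    '{"time":"2024-05-01T10:00:31Z","method":"POST","path":"/group/app/-/issues","controller":"Projects::IssuesController","action":"create","status":200,"duration_s":6.0,"cpu_s":5.8,"remote_ip":"192.0.2.9","meta.user":"carol"}',
    '{"time":"2024-05-01T10:00:40Z","method":"GET","path":"/api/v4/projects","status":200,"duration_s":9.0,"cpu_s":1.2,"remote_ip":"203.0.113.7","meta.user":"alice"}',
    '{"time":"2024-05-01T10:00:44Z","method":"POST","path":"/api/v4/markdown","status":504,"duration_s":30.0,"cpu_s":29.7,"remote_ip":"203.0.113.7","meta.user":"alice"}',
    '{"time":"2024-05-01T10:00:58Z","method":"POST","path":"/group/app/-/issues/12/notes","controller":"Projects::NotesController","action":"create","status":200,"duration_s":28.4,"cpu_s":28.0,"remote_ip":"203.0.113.7","meta.user":"alice"}',
]

if __name__ == "__main__":
    # Usage: python3 detect_slow_markdown.py /var/log/gitlab/gitlab-rails/production_json.log
    # (no arguments runs against the constructed sample above).
    if len(sys.argv) > 1:
        lines = (line for name in sys.argv[1:]
                 for line in open(name, encoding="utf-8", errors="replace"))
    else:
        lines = SAMPLE_LOG
    for (user, ip), entry in find_slow_markdown_sources(lines).items():
        print(f"{user} from {ip}: {entry['hits']} slow markdown requests, "
              f"max {entry['max_duration_s']:.1f}s, paths {sorted(entry['paths'])}")
```

On the sample, only alice from 203.0.113.7 is reported: her slow /api/v4/projects call is ignored because it is not a markdown surface, carol's single slow issue creation stays under the hit count, and the non-JSON line is skipped. Pair a hit with the GitLab UI to find and delete the content the user posted.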
