CVE-2024-9512

5.3 MEDIUM

📋 TL;DR

A race condition in GitLab EE could let unauthorized users clone private repositories while a secondary node (GitLab Geo replication) is out of sync with the primary. Only EE instances running an affected version with secondary nodes configured are exposed; the impact is disclosure of private source code and anything committed alongside it (credentials, configuration, intellectual property).

💻 Affected Systems

Products:
  • GitLab EE
Versions: All versions prior to 17.10.8, 17.11 prior to 17.11.4, and 18.0 prior to 18.0.2
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Only when secondary (Geo) nodes are configured; a single-node install has no secondary to fall out of sync
Notes: Requires GitLab EE with secondary nodes configured; CE edition not affected (Geo is an EE feature)

📦 What is this software?

Gitlab by Gitlab

GitLab is a complete DevOps platform providing source code management, CI/CD pipelines, security scanning, container registry, and collaboration tools used by millions of developers and thousands of enterprises worldwide. As both a cloud-hosted SaaS offering (GitLab.com) and self-managed software, G...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could exfiltrate entire private repositories containing proprietary code, credentials, or sensitive data, leading to intellectual property theft or further attacks on whatever those credentials unlock.

🟠 Likely Case

An opportunistic attacker who reaches a secondary node while it lags the primary could clone some private repositories, gaining access to source code and configuration files.

🟢 If Mitigated

With secondary nodes patched or taken out of service, and clone endpoints reachable only by known users, exposure is limited to whatever a secondary served during a brief out-of-sync window.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires winning a timing window while a secondary node lags the primary; the attacker must be able to reach the secondary's clone endpoints, and authenticated access is likely needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 17.10.8, 17.11.4, or 18.0.2 (the fixed release on your current minor line)

Vendor Advisory: https://gitlab.com/gitlab-org/gitlab/-/issues/497748

Restart Required: Yes

Instructions:

1. Back up the GitLab instance and database (gitlab-backup create on Omnibus installs).
2. Update to the patched version with your package manager; on a Geo deployment, upgrade the primary site first, then each secondary.
3. Restart GitLab services (an Omnibus package upgrade runs gitlab-ctl reconfigure and restarts them for you).
4. Verify the version on every node, primary and secondaries, and confirm that a non-member cannot clone a private repository.

🔧 Temporary Workarounds

Stop the secondary nodes

linux

Taking the secondary nodes out of service removes the out-of-sync window entirely, at the cost of losing the read replica until you patch. Run this on each secondary node, never on the primary:

sudo gitlab-ctl stop

Restrict repository access

all

Tighten project membership and visibility, and use group-level IP address restrictions (an EE feature) so only expected networks can reach clone endpoints.

🧯 If You Can't Patch

  • Do not expose secondary nodes to the internet; limit who can reach their HTTP and SSH clone endpoints
  • Enable comprehensive logging and alert on clones or fetches of private projects by users outside the project's membership

🔍 How to Verify

Check if Vulnerable:

Check the GitLab version on every node, primary and secondaries. In gitlab-rake gitlab:env:info the relevant line is labelled Version: under the GitLab information heading:

sudo gitlab-rake gitlab:env:info | grep '^Version:'

On Omnibus installs the first line of /opt/gitlab/version-manifest.txt also states the package version (for example gitlab-ee 17.10.7).

Verify Fix Applied:

The reported version is 17.10.8+ on the 17.10 line, 17.11.4+ on the 17.11 line, or 18.0.2+ on 18.0 (or any later release) on the primary and on each secondary; then test that a non-member cannot clone a private repository through a secondary.
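The version check above is easy to get wrong by hand because three minor lines each have their own fixed release. The script below is an added example, not GitLab's own tooling: it pulls the version out of gitlab-rake gitlab:env:info output and classifies it against the 17.10.8 / 17.11.4 / 18.0.2 boundaries. The env:info sample is constructed, and the "Version:" label and "-ee" suffix are assumed from typical Omnibus output.

```shell
#!/bin/sh
# Added example (not GitLab's own code): classify a GitLab version against the
# CVE-2024-9512 fixed releases (17.10.8, 17.11.4, 18.0.2). POSIX sh only.

# Extract MAJOR.MINOR.PATCH from `gitlab-rake gitlab:env:info` output. The line
# under "GitLab information" is assumed to look like "Version:  17.10.7-ee";
# the edition suffix is dropped.
gitlab_version_from_env_info() {
  printf '%s\n' "$1" | sed -n 's/^Version:[[:space:]]*\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Print "vulnerable" or "fixed". Everything before 17.10.8, 17.11.x before
# 17.11.4 and 18.0.x before 18.0.2 is affected; anything newer is fixed.
cve_2024_9512_status() {
  major=${1%%.*}
  case "$1" in *.*) rest=${1#*.} ;; *) rest=0 ;; esac
  minor=${rest%%.*}
  case "$rest" in *.*) patch=${rest#*.} ;; *) patch=0 ;; esac
  patch=${patch%%[!0-9]*}          # tolerate "7-ee" style suffixes
  [ -n "$patch" ] || patch=0

  if [ "$major" -lt 17 ]; then
    echo vulnerable
  elif [ "$major" -eq 17 ]; then
    if [ "$minor" -lt 10 ] \
       || { [ "$minor" -eq 10 ] && [ "$patch" -lt 8 ]; } \
       || { [ "$minor" -eq 11 ] && [ "$patch" -lt 4 ]; }; then
      echo vulnerable
    else
      echo fixed
    fi
  elif [ "$major" -eq 18 ] && [ "$minor" -eq 0 ] && [ "$patch" -lt 2 ]; then
    echo vulnerable
  else
    echo fixed
  fi
}

# Constructed sample of env:info output (not captured from a real system).
SAMPLE_ENV_INFO='GitLab information
Version:        17.10.7-ee
Revision:       0123abcd
Directory:      /opt/gitlab/embedded/service/gitlab-rails'

detected=$(gitlab_version_from_env_info "$SAMPLE_ENV_INFO")
echo "sample node runs $detected: $(cve_2024_9512_status "$detected")"

# Boundary table for a quick eyeball check.
for v in 16.11.10 17.10.7 17.10.8 17.11.3 17.11.4 18.0.1 18.0.2 18.1.0; do
  echo "$v: $(cve_2024_9512_status "$v")"
done
```

On a live node replace the constructed sample with `sudo gitlab-rake gitlab:env:info` and run the check on the primary and on every secondary; a patched primary with an unpatched secondary still leaves the window open.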

📡 Detection & Monitoring

Log Indicators:

  • Successful clone or fetch (git-upload-pack) of a private project by a user who is not a member, or by an anonymous client, especially when served by a secondary node
  • Multiple rapid clone attempts against the same private project from one source, consistent with racing the sync window

Network Indicators:

  • git clone traffic to secondary nodes from IPs that never reach the primary or lie outside expected ranges
  • Bursts of clone traffic to a secondary while it is catching up on replication

SIEM Query (illustrative pseudo-syntax; map the field names to your product):

source="gitlab" AND (operation="clone" OR operation="pull") AND repository_access="private" AND user NOT IN authorized_users
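The pseudo-query above needs a concrete log source to be useful. The script below is an added example, not GitLab's own tooling: it hunts production_json.log lines for git fetches (info/refs and git-upload-pack requests) of private projects by users outside the project's expected member list, which is the pattern a successful exploit would leave. The log lines and member list are constructed; the field names (path, status, username, remote_ip, controller) and the Projects::GitHttpController name are assumed from typical GitLab rails logs and may need adjusting to your version.

```shell
#!/bin/sh
# Added example (not GitLab's own code): hunt production_json.log for fetches of
# private projects by non-members or anonymous clients. POSIX sh plus sed/grep.

# Constructed sample log lines: a member fetch, an anonymous fetch of a private
# repo, a fetch by a non-member, and a fetch of a public project.
SAMPLE_LOG='{"method":"GET","path":"/acme/secret-svc.git/info/refs","controller":"Projects::GitHttpController","action":"info_refs","status":200,"username":"alice","remote_ip":"10.1.2.3","time":"2025-06-11T10:00:00.000Z"}
{"method":"POST","path":"/acme/secret-svc.git/git-upload-pack","controller":"Projects::GitHttpController","action":"git_upload_pack","status":200,"username":null,"remote_ip":"203.0.113.7","time":"2025-06-11T10:00:01.000Z"}
{"method":"POST","path":"/acme/secret-svc.git/git-upload-pack","controller":"Projects::GitHttpController","action":"git_upload_pack","status":200,"username":"mallory","remote_ip":"198.51.100.9","time":"2025-06-11T10:00:02.000Z"}
{"method":"GET","path":"/acme/public-docs.git/info/refs","controller":"Projects::GitHttpController","action":"info_refs","status":200,"username":null,"remote_ip":"203.0.113.8","time":"2025-06-11T10:00:03.000Z"}'

# Expected members of each private project, one "path:user1,user2" record per
# line (constructed; in practice export this from the primary's project API).
PRIVATE_MEMBERS='acme/secret-svc:alice,bob'

# Pull a string-valued field out of one JSON log line; empty for null or absent.
json_field() {
  printf '%s\n' "$2" | sed -n "s/.*\"$1\":\"\([^\"]*\)\".*/\1/p"
}

# Pull a numeric field out of one JSON log line.
json_num() {
  printf '%s\n' "$2" | sed -n "s/.*\"$1\":\([0-9][0-9]*\).*/\1/p"
}

# Map a fetch path (/group/proj.git/info/refs or .../git-upload-pack) to the
# project path; pushes (git-receive-pack) and other requests yield nothing.
project_from_path() {
  printf '%s\n' "$1" | sed -n \
    -e 's#^/\(.*\)\.git/info/refs.*#\1#p' \
    -e 's#^/\(.*\)\.git/git-upload-pack.*#\1#p'
}

# Print "project user ip" for every successful fetch of a tracked private
# project by a user not in its member list (anonymous clients included).
find_unexpected_fetches() {
  printf '%s\n' "$1" | while IFS= read -r line; do
    [ "$(json_field controller "$line")" = "Projects::GitHttpController" ] || continue
    [ "$(json_num status "$line")" = "200" ] || continue
    project=$(project_from_path "$(json_field path "$line")")
    [ -n "$project" ] || continue
    members=$(printf '%s\n' "$2" | sed -n "s#^$project:##p")
    [ -n "$members" ] || continue          # not a private project we track
    user=$(json_field username "$line")
    if [ -n "$user" ]; then
      case ",$members," in *",$user,"*) continue ;; esac
    fi
    printf '%s %s %s\n' "$project" "${user:-anonymous}" "$(json_field remote_ip "$line")"
  done
}

find_unexpected_fetches "$SAMPLE_LOG" "$PRIVATE_MEMBERS"
```

On an Omnibus node the HTTP log is /var/log/gitlab/gitlab-rails/production_json.log; run the function against it on each secondary, since that is where an out-of-sync fetch would be served. SSH clones are logged by gitlab-shell rather than rails and are not covered here.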
