CVE-2023-5825

Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A low-privileged attacker can point a CI/CD Component to an incorrect path and cause the server to exhaust all available memory through an infinite loop and cause Denial of Service.

Se ha descubierto un problema en GitLab CE/EE que afecta a todas las versiones desde 16.2 anteriores a 16.3.6, todas las versiones desde 16.4 anteriores a 16.4.2, todas las versiones desde 16.5 anteriores a 16.5.1. Un atacante con pocos privilegios puede señalar un Componente CI/CD a una ruta incorrecta y hacer que el servidor agote toda la memoria disponible a través de un bucle infinito y provocar una Denegación de Servicio.

*Credits: Thanks [blakbat](https://hackerone.com/blakbat) for reporting this vulnerability through our HackerOne bug bounty program

CVSS Scores

NISTv3.1 6.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

Poc

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-10-27 CVE Reserved
2023-11-06 CVE Published
2024-10-03 CVE Updated
2024-11-12 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption
CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CAPEC

References (1)

URL	Tag	Source
https://gitlab.com/gitlab-org/gitlab/-/issues/428984	Broken Link

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Gitlab Search vendor "Gitlab"		Gitlab Search vendor "Gitlab" for product "Gitlab"				>= 16.2.0 < 16.3.6 Search vendor "Gitlab" for product "Gitlab" and version " >= 16.2.0 < 16.3.6"		community		Affected
Gitlab Search vendor "Gitlab"		Gitlab Search vendor "Gitlab" for product "Gitlab"				>= 16.2.0 < 16.3.6 Search vendor "Gitlab" for product "Gitlab" and version " >= 16.2.0 < 16.3.6"		enterprise		Affected
Gitlab Search vendor "Gitlab"		Gitlab Search vendor "Gitlab" for product "Gitlab"				>= 16.4.0 < 16.4.2 Search vendor "Gitlab" for product "Gitlab" and version " >= 16.4.0 < 16.4.2"		community		Affected
Gitlab Search vendor "Gitlab"		Gitlab Search vendor "Gitlab" for product "Gitlab"				>= 16.4.0 < 16.4.2 Search vendor "Gitlab" for product "Gitlab" and version " >= 16.4.0 < 16.4.2"		enterprise		Affected
Gitlab Search vendor "Gitlab"		Gitlab Search vendor "Gitlab" for product "Gitlab"				16.5.0 Search vendor "Gitlab" for product "Gitlab" and version "16.5.0"		community		Affected
Gitlab Search vendor "Gitlab"		Gitlab Search vendor "Gitlab" for product "Gitlab"				16.5.0 Search vendor "Gitlab" for product "Gitlab" and version "16.5.0"		enterprise		Affected