docker-gitlab icon indicating copy to clipboard operation
docker-gitlab copied to clipboard

Published 20 hours ago verified publisher icon sameersbn

Gitlab Instance High CPU Utilization due to XMRIG tool

Open purnashischaki opened this issue 3 years ago • 2 comments

Hi Team,

We are facing issue in Gitlab instance, as the CPU utilization is very high and the process is xmrig. As there is gitlab-runner running is there any possibility to run this xmrig through gitlab-runner and also is there any solution to fix this issuse. As the xmrig proccess is running automatically even after killing the process.

Thanks in advance.

purnashischaki avatar Nov 01 '21 05:11 purnashischaki

This looks an exploit: https://nvd.nist.gov/vuln/detail/CVE-2021-22205

We have suffered from the same in our company. xmrig is a miner tool. So basically they have breaking into your server with this exploit to use it as a miner

Good luck

enriqueperezpi avatar Nov 02 '21 18:11 enriqueperezpi

@purnashischaki it seems they fixed it in these updates https://about.gitlab.com/releases/2021/10/28/security-release-gitlab-14-4-1-released/#potential-dos-via-a-malformed-tiff-image

klymenok avatar Nov 03 '21 11:11 klymenok