Gitlab Instance High CPU Utilization due to XMRIG tool

[purnashischaki]

Hi Team,

We are facing issue in Gitlab instance, as the CPU utilization is very high and the process is xmrig. As there is gitlab-runner running is there any possibility to run this xmrig through gitlab-runner and also is there any solution to fix this issuse. As the xmrig proccess is running automatically even after killing the process.

Thanks in advance.

[enriqueperezpi]

This looks an exploit: https://nvd.nist.gov/vuln/detail/CVE-2021-22205

We have suffered from the same in our company. xmrig is a miner tool. So basically they have breaking into your server with this exploit to use it as a miner

Good luck

[klymenok]

@purnashischaki it seems they fixed it in these updates https://about.gitlab.com/releases/2021/10/28/security-release-gitlab-14-4-1-released/#potential-dos-via-a-malformed-tiff-image