Full Report
Devfiles are the mechanism for describing Workspaces in Kubernetes environments for GitLab; Workspaces are isolated development environments. A devfile's `parent` field can be used as the base for a workspace, but GitLab banned it in the devfile for security reasons. At this point the author noticed that two parsers were involved: a Ruby one on the GitLab side and a Go one for the Workspaces processing. So, if a difference could be found where the Ruby parser didn't see something but the Go parser did, it would be possible to smuggle in the `parent` field. Prior to this, they had found a difference between Python and Go with the `!!binary` tag. That didn't work here, but something similar did: `!binary`. The Go parser decodes the binary (base64) data for the key, but the Ruby parser does not. So it is possible to add a `parent`, but ONLY as far as the Go parser is concerned.

The author needed another bug to make this worthwhile. The devfile tar.gz handling had a directory traversal issue: the code told the Go linter to ignore the opening of an arbitrary file because the path had been cleaned. However, with relative paths `filepath.Clean` does NOT actually neutralise `..`, so the traversal allows writing outside of the intended area.

They add a few more notes. First, parser differentials are everywhere and should be looked for. Second, don't trust the comments. Third, you can't find all the bugs: they missed a go-git vulnerability while auditing this that was reported afterwards. Overall, a good writeup on an interesting bug!
Analysis Summary
# Vulnerability: GitLab Workspaces Devfile Parser Differential and Directory Traversal
## CVE Details
- **CVE ID:** CVE-2024-0402
- **CVSS Score:** 9.9 (Critical)
- **CWE:** CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), CWE-436 (Interpretation Conflict)
## Affected Systems
- **Products:** GitLab (Community Edition and Enterprise Edition)
- **Versions:** All versions from 16.0 before 16.5.8, 16.6 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1.
- **Configurations:** Systems utilizing the GitLab "Workspaces" feature which processes `devfile` YAML configurations.
## Vulnerability Description
This is a multi-layered vulnerability stemming from two distinct flaws:
1. **Parser Differential:** GitLab validates devfiles with a Ruby-based gem, while a Go-based helper binary performs the actual workspace processing. The Go YAML parser honours the `!binary` tag on mapping keys and base64-decodes them, whereas the Ruby parser does not. An attacker can therefore "smuggle" a forbidden field (such as `parent`, which was banned for security reasons) by writing the key as a `!binary`-tagged base64 string: the Ruby validator never sees a `parent` key, while the Go side decodes the tag back to `parent` and honours the field.
2. **Directory Traversal:** When the Go side unpacks a `tar.gz` fetched from a devfile registry, entry paths are passed through `filepath.Clean` before the file is opened, and a linter warning on that open was suppressed on the grounds that the path had already been cleaned. `filepath.Clean` is a normaliser, not a sanitiser: on a relative path it keeps leading `..` components (it can only collapse `..` that would climb above a rooted path), so an entry such as `../../x` still resolves outside the intended workspace directory and the file is written there.
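As an added example (not code from the write-up or from GitLab's devfile tooling), the traversal in Go's own terms: `naiveTargetPath` reproduces the clean-then-join pattern the page describes, `safeTargetPath` adds the containment check that was missing, and `extractTarGz` applies it while unpacking a constructed in-memory tar.gz that carries a `../` entry. The function names, the `/srv/ws` root and the archive contents are assumptions for illustration.

```go
package main

import (
	"archive/tar"
	"bytes"
	"compress/gzip"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// ErrEscapesRoot marks an archive entry whose target would land outside root.
var ErrEscapesRoot = errors.New("archive entry escapes extraction root")

// naiveTargetPath reproduces the assumption behind the bug: Clean the entry
// name, join it under root, and trust that Clean removed any "..". For a
// relative name Clean keeps leading ".." (it can only drop ".." that would
// climb above "/"), so "../../etc/passwd" under "/srv/ws" becomes "/etc/passwd".
func naiveTargetPath(root, entry string) string {
	return filepath.Join(root, filepath.Clean(entry))
}

// safeTargetPath joins and then proves containment: the joined path must be
// root itself or sit strictly below it. That comparison, not Clean, is the control.
func safeTargetPath(root, entry string) (string, error) {
	root = filepath.Clean(root)
	if filepath.IsAbs(entry) {
		return "", ErrEscapesRoot
	}
	target := filepath.Join(root, entry) // Join cleans the result
	rel, err := filepath.Rel(root, target)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrEscapesRoot
	}
	return target, nil
}

// extractTarGz unpacks regular files from a tar.gz stream into root and stops
// at the first entry safeTargetPath rejects. Symlinks and hard links are
// skipped; a complete extractor must apply the same containment check to link targets.
func extractTarGz(r io.Reader, root string) error {
	gz, err := gzip.NewReader(r)
	if err != nil {
		return err
	}
	defer gz.Close()
	tr := tar.NewReader(gz)
	for {
		hdr, err := tr.Next()
		if errors.Is(err, io.EOF) {
			return nil
		}
		if err != nil {
			return err
		}
		target, err := safeTargetPath(root, hdr.Name)
		if err != nil {
			return fmt.Errorf("entry %q: %w", hdr.Name, err)
		}
		if hdr.Typeflag != tar.TypeReg {
			continue
		}
		if err := os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
			return err
		}
		f, err := os.OpenFile(target, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o644)
		if err != nil {
			return err
		}
		_, err = io.Copy(f, tr)
		f.Close()
		if err != nil {
			return err
		}
	}
}

type tarEntry struct{ Name, Body string }

// buildTarGz assembles a constructed sample archive in memory (not material
// from the write-up) so the extractor can be exercised offline.
func buildTarGz(entries []tarEntry) []byte {
	var buf bytes.Buffer
	gz := gzip.NewWriter(&buf)
	tw := tar.NewWriter(gz)
	for _, e := range entries {
		hdr := &tar.Header{Name: e.Name, Mode: 0o644, Size: int64(len(e.Body)), Typeflag: tar.TypeReg}
		if err := tw.WriteHeader(hdr); err != nil {
			panic(err)
		}
		if _, err := tw.Write([]byte(e.Body)); err != nil {
			panic(err)
		}
	}
	tw.Close()
	gz.Close()
	return buf.Bytes()
}

func main() {
	fmt.Println(naiveTargetPath("/srv/ws", "../../etc/passwd")) // /etc/passwd
	root, err := os.MkdirTemp("", "ws")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(root)
	archive := buildTarGz([]tarEntry{
		{"devfile.yaml", "schemaVersion: 2.2.0\n"},
		{"../escape.txt", "written outside the workspace\n"},
	})
	fmt.Println(extractTarGz(bytes.NewReader(archive), root)) // entry "../escape.txt": archive entry escapes extraction root
}
```

`filepath.Clean` is deliberately left in `naiveTargetPath` to show that it changes nothing for a relative `../` entry; the only thing that stops the write is the `filepath.Rel` comparison after joining. Go 1.20 and later also offer `filepath.IsLocal` for the same purpose.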
## Exploitation
- **Status:** PoC available (Techniques documented by GitLab Security Research).
- **Complexity:** High (Requires bypassing validation via parser differential and setting up a malicious registry/server).
- **Attack Vector:** Network (Authenticated).
## Impact
- **Confidentiality:** High (Potential access to sensitive system files).
- **Integrity:** High (Arbitrary file write allows for the modification of system files or application code).
- **Availability:** High (Potential for system-wide compromise leading to service disruption).
- **Note:** The arbitrary file write can be further escalated to remote code execution (RCE) on the GitLab instance.
## Remediation
### Patches
GitLab released the following versions to address the vulnerability:
- v16.8.1
- v16.7.4
- v16.6.6
- v16.5.8
### Workarounds
- Disable the "Workspaces" feature if GitLab is running on a vulnerable version and cannot be immediately patched.
- Restrict network access to untrusted external devfile registries.
## Detection
- **Indicators of Compromise:**
- Presence of `!binary` (or any other explicit YAML tag on a mapping key, including `!!binary`) within `devfile.yaml` files in GitLab repositories.
- Unusual file write activity in directories associated with GitLab Workspaces or Kubernetes runners.
- Log entries showing `tar.gz` extractions involving `../` sequences in the `devfile` processing components.
- **Detection Methods:** Audit existing devfiles for encoded keys or the presence of the `parent` field smuggled via YAML tags.
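An added example of the audit in the last bullet, written for this page rather than taken from the write-up or from GitLab: a line-oriented scan that flags tagged mapping keys in a devfile and, for `!binary`/`!!binary`, base64-decodes the key to show what a tag-aware parser such as the Go side would see. The sample devfile, the key `cGFyZW50` (base64 of `parent`) and the `restrictedKeys` list are constructed for the example.

```go
package main

import (
	"bufio"
	"encoding/base64"
	"fmt"
	"regexp"
	"strings"
)

// restrictedKeys stands in for the keys the workspace validator bans at the
// top level of a devfile; the write-up names `parent`.
var restrictedKeys = map[string]bool{"parent": true}

// taggedKey matches a block-mapping key carrying an explicit YAML tag, e.g.
// `!binary cGFyZW50:` or `  - !!binary cGFyZW50:`. Flow mappings ({...}) are
// not covered; a YAML-aware pass is still needed for those.
var taggedKey = regexp.MustCompile(`^\s*(?:-\s+)?(![^\s]+)\s+([^\s:]+)\s*:(?:\s|$)`)

type Finding struct {
	Line       int
	Tag        string
	RawKey     string
	DecodedKey string // RawKey base64-decoded when the tag is a binary tag
	Restricted bool
}

func isBinaryTag(tag string) bool {
	return tag == "!binary" || tag == "!!binary" || tag == "!<tag:yaml.org,2002:binary>"
}

// decodeKey returns the key as a binary-tag-aware parser would decode it;
// keys under any other tag are returned as written.
func decodeKey(tag, raw string) string {
	if !isBinaryTag(tag) {
		return raw
	}
	for _, enc := range []*base64.Encoding{base64.StdEncoding, base64.RawStdEncoding} {
		if b, err := enc.DecodeString(raw); err == nil {
			return string(b)
		}
	}
	return raw
}

// FindTaggedKeys scans a devfile and reports every tagged mapping key together
// with its decoded form and whether that form is a restricted key.
func FindTaggedKeys(devfile string) []Finding {
	var out []Finding
	sc := bufio.NewScanner(strings.NewReader(devfile))
	for n := 1; sc.Scan(); n++ {
		m := taggedKey.FindStringSubmatch(sc.Text())
		if m == nil {
			continue
		}
		decoded := decodeKey(m[1], m[2])
		out = append(out, Finding{n, m[1], m[2], decoded, restrictedKeys[decoded]})
	}
	return out
}

// HasSmuggledRestrictedKey is true when a tag hides a key that the plain-text
// validator would have rejected.
func HasSmuggledRestrictedKey(devfile string) bool {
	for _, f := range FindTaggedKeys(devfile) {
		if f.Restricted {
			return true
		}
	}
	return false
}

// sampleDevfile is a constructed example, not material from the write-up.
const sampleDevfile = `schemaVersion: 2.2.0
!binary cGFyZW50:
  uri: https://example.invalid/base-devfile.yaml
components:
  - name: tooling
    container:
      image: example.invalid/tooling:latest
`

func main() {
	for _, f := range FindTaggedKeys(sampleDevfile) {
		fmt.Printf("line %d: tag %s key %q decodes to %q restricted=%v\n",
			f.Line, f.Tag, f.RawKey, f.DecodedKey, f.Restricted)
	}
}
```

This is a triage aid for repository-wide sweeps, not a replacement for the validator: the durable fix is to reject any explicitly tagged node in the devfile before the YAML ever reaches a second parser, because a devfile schema has no legitimate use for YAML tags.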
## References
- **Vendor Advisory:** [https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/#arbitrary-file-write-via-the-workspace-devfile-configuration]
- **Technical Writeup:** [https://gitlab-com.gitlab.io/gl-security/security-tech-notes/security-research-tech-notes/devfile/]
- **CVE Link:** [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0402]