Hello There,
My top command is showing that GLPI is using a lot of CPU, 350% or so. Seems like a bug situation. Do you know the fix?
218544 apache 20 0 2445088 2.3g 8 S 366.4%-CPU 30.3 21079:22 kthreaddi
Thank you
Last edited by rcastillo (2022-12-06 01:50:35)
Hello ?
kthreaddi is a crypto miner and it's on GLPI...??? How is this possible that it got infiltrated?
Last edited by rcastillo (2022-12-01 18:48:19)
Check with your server security group.
Maybe you have other things installed that made it easy for someone to upload a malicious script.
No - GLPI is the only thing that is installed on this server. It was for GLPI purpose only. This server is secured.
exe -> '/var/www/html/glpi/vendor/htmlawed/htmlawed/kthreaddi (deleted)'
rm -rf htmLawedTest.php
.....
GLPI 10.0.2 Copyright (C) 2015-2022 Teclib' and contributors
These fix two critical security vulnerabilities: a SQL Injection (CVE-2022-35947), and a Remote Code Execution (CVE-2022-35914, vulnerability in the third-party library, htmlawed), the latter has been massively exploited since October 3, 2022 to execute code on insecure servers, available on the internet, hosting GLPI (GLPI Network Cloud instances are not impacted).
If you are not on the latest version 9.5.9 or 10.0.3, you must update your instances according to the recommended method (from an empty folder, without overwriting existing GLPI files).
glpi-project.org/security-update-10-0-3-and-9-5-9/
Last edited by rcastillo (2022-12-02 23:18:47)
Can I upgrade from 10.0.2 -> 10.0.5 without a known problem?
I need to since GLPI at 10.0.2 is busted with a vulnerability.
Yes you can, and you must do so!
Eating a beaver saves a tree.
When you're dead, you don't know you're dead; it's only hard for the others. When you're stupid, it's the same!
This is now closed. Issue is that my GLPI version 10.0.2 was affected and caused broken problems. Reverted back before the issue occurred, took out htmLawedTest.php, a file that must be deleted.
Upgraded to 10.0.5 without issues later.
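A read-only triage check for the two indicators mentioned in this thread (a process whose `exe` link points at a deleted file under the web root, and a leftover `htmLawedTest.php`), as an added example that is not part of the original posts. The function names and the sample tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added triage example (not from the thread). Read-only: it deletes nothing
# on the host; only the constructed sample tree is cleaned up afterwards.

# List processes whose executable was deleted after launch and lived under
# the web root, like the "exe -> '.../kthreaddi (deleted)'" line above.
# $1 = web root to check
# $2 = proc directory (default /proc; a parameter so the function can be
#      exercised against a constructed tree)
find_deleted_web_exes() {
    webroot=${1%/}
    procdir=${2:-/proc}
    for link in "$procdir"/[0-9]*/exe; do
        # readlink fails for kernel threads and processes we may not inspect
        target=$(readlink "$link" 2>/dev/null) || continue
        case $target in
            "$webroot"/*" (deleted)")
                pid=${link%/exe}
                printf '%s\t%s\n' "${pid##*/}" "$target" ;;
        esac
    done
}

# List copies of htmLawedTest.php, the file the thread says must be deleted.
find_htmlawed_test() {
    find "${1%/}" -type f -name 'htmLawedTest.php' 2>/dev/null
}

# Constructed sample tree so the example runs offline and without root.
demo() {
    tmp=$(mktemp -d)
    lib="$tmp/www/glpi/vendor/htmlawed/htmlawed"
    mkdir -p "$tmp/proc/218544" "$tmp/proc/1" "$lib"
    ln -s "$lib/kthreaddi (deleted)" "$tmp/proc/218544/exe"   # suspicious
    ln -s /usr/sbin/init "$tmp/proc/1/exe"                    # benign
    : > "$lib/htmLawedTest.php"
    echo "Processes running a deleted binary from the web root:"
    find_deleted_web_exes "$tmp/www" "$tmp/proc"
    echo "htmLawedTest.php copies still present:"
    find_htmlawed_test "$tmp/www"
    rm -rf "$tmp"
}

demo
```

On a real host, call `find_deleted_web_exes /var/www/html` and `find_htmlawed_test /var/www/html` as root so that every `/proc/<pid>/exe` link is readable.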