Fluent Bit Memory Corruption Vulnerability Could Lead to Denial of Service, Information Disclosure, or Remote Code Execution
CVE-2024-4323
Key Information:
- Vendor: Fluent Bit
- Status
- CVE Published: 20 May 2024
What is CVE-2024-4323?
A critical vulnerability, tracked as CVE-2024-4323, has been identified in Fluent Bit versions 2.0.7 through 3.0.3. It may result in memory corruption leading to denial of service, information disclosure, or remote code execution. The vulnerability affects major cloud providers' offerings and the technology companies that use them, although researchers state that exploiting it for remote code execution is much harder than triggering a denial of service. Tenable researchers have confirmed that the vulnerability has been exploited. The issue has been addressed in Fluent Bit v3.0.4; organizations are advised to upgrade to that release, or otherwise to ensure that access to Fluent Bit's monitoring API is granted only to authorized users and services. The affected cloud providers have been notified so that they can initiate their internal triage processes.
Affected Version(s)
Fluent Bit 2.0.7 through 3.0.3 (inclusive)
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
News Articles
Memory corruption flaw in Fluent Bit could disrupt cloud platforms
Security pros warn that a bug in the popular open-source logging and metrics tool could cause denial-of-service attacks and data loss in all the major cloud platforms, including AWS, GCP and Azure.
Alleged Incognito Market operator arrested. OmniVision discloses data breach. Critical flaw affects Fluent Bit.
Critical Fluent Bit bug affects all major cloud providers
Infosec researchers are alerting the industry to a critical vulnerability in Fluent Bit – a logging component used by a swathe of blue chip companies and all three major cloud providers. Experts at Tenable...
References
EPSS Score
84% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 🟡 Public PoC available
- 👾 Exploit known to exist
- 📰 First article discovered by Tenable
- Vulnerability published
