Remote Denial of Service Vulnerability in Fluent Bit by Fluent Inc.
CVE-2024-50608

7.5 HIGH

Key Information:

Vendor: Fluent Inc.
CVE Published: 18 February 2025

Badges

📈 Score: 327
👾 Exploit Exists
📰 News Worthy

What is CVE-2024-50608?

CVE-2024-50608 is a vulnerability identified in Fluent Bit, an open-source data collector designed for unified logging. The tool processes logs and metrics from many sources and forwards them to a range of outputs. The vulnerability allows an attacker to perform a remote Denial of Service (DoS) attack when the Prometheus Remote Write input plugin is active: a specially crafted packet with a Content-Length of 0 causes the Fluent Bit server to crash. Because logging and monitoring stop while the collector is down, an organization can lose valuable operational insight and incident response becomes harder.

Technical Details

The vulnerability stems from improper handling of packets characterized by a Content-Length of 0. When such a packet is received, it triggers a NULL pointer dereference in the Fluent Bit code. This occurs within the process_payload_metrics_ng() function, where the attempt to process the packet results in a crash of the server. The issue was discovered in version 3.1.9 of Fluent Bit and illustrates how unexpected input can escalate into significant operational issues.
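The defect class described above, a decoder that assumes a request body is present even when Content-Length is 0, can be illustrated with the following added example. It is hypothetical code written for this page, not Fluent Bit's process_payload_metrics_ng() or any other Fluent Bit source; the request struct, the toy line-based metrics decoder and the chosen HTTP status values are assumptions. It shows the unguarded pattern next to a handler that rejects an empty or inconsistent body before any decoding touches the buffer, which is the check a maintainer or a reviewer of such an input plugin would want to see.

```c
/* Hypothetical illustration of the defect class (not Fluent Bit code): an HTTP
 * metrics endpoint that must not hand an empty, possibly NULL, body to its decoder. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HTTP_OK              200
#define HTTP_BAD_REQUEST     400
#define HTTP_LENGTH_REQUIRED 411

/* Minimal model of a received request (an assumption, not a real server struct):
 * the parsed Content-Length header and the buffer holding the body. A request
 * with Content-Length: 0 typically arrives with body == NULL and body_size == 0. */
struct http_request {
    long content_length;        /* -1 when the header is absent */
    const unsigned char *body;  /* may be NULL when nothing was received */
    size_t body_size;
};

/* Toy decoder standing in for the real remote-write parser: the body is a
 * sequence of "name value\n" records. Returns 0 and the record count on
 * success, -1 on a malformed record. It relies on the caller for body != NULL. */
static int decode_metrics(const unsigned char *body, size_t size, size_t *out_samples)
{
    size_t count = 0, i = 0;

    while (i < size) {
        size_t start = i;
        while (i < size && body[i] != '\n')
            i++;
        if (i == start || memchr(body + start, ' ', i - start) == NULL)
            return -1;              /* empty line or no name/value separator */
        count++;
        if (i < size)
            i++;                    /* step over the newline */
    }
    *out_samples = count;
    return 0;
}

/* Unguarded pattern: the handler assumes a body exists and peeks at its first
 * byte (here to skip a leading comment marker). With Content-Length: 0 the body
 * pointer is NULL and body[0] dereferences NULL, crashing the whole process. */
static int handle_remote_write_unguarded(const struct http_request *req, size_t *out_samples)
{
    const unsigned char *body = req->body;
    size_t size = req->body_size;

    if (body[0] == '#') {           /* NULL dereference when no body was sent */
        body++;
        size--;
    }
    return decode_metrics(body, size, out_samples) == 0 ? HTTP_OK : HTTP_BAD_REQUEST;
}

/* Hardened pattern: validate the framing before any decoding touches the
 * buffer. A missing header, an empty body, a NULL pointer, or a header that
 * disagrees with the bytes actually received is answered with a 4xx status. */
static int handle_remote_write(const struct http_request *req, size_t *out_samples)
{
    *out_samples = 0;
    if (req->content_length < 0)
        return HTTP_LENGTH_REQUIRED;
    if (req->content_length == 0 || req->body == NULL || req->body_size == 0)
        return HTTP_BAD_REQUEST;
    if ((size_t)req->content_length != req->body_size)
        return HTTP_BAD_REQUEST;
    return decode_metrics(req->body, req->body_size, out_samples) == 0 ? HTTP_OK : HTTP_BAD_REQUEST;
}

/* Helpers: build a request from a Content-Length value and an optional
 * NUL-terminated body (constructed input) and run the hardened handler. */
static int status_for(long content_length, const char *body)
{
    struct http_request req;
    size_t samples;

    req.content_length = content_length;
    req.body = (const unsigned char *)body;
    req.body_size = body ? strlen(body) : 0;
    return handle_remote_write(&req, &samples);
}

static size_t samples_for(const char *body)
{
    struct http_request req;
    size_t samples;

    req.content_length = (long)strlen(body);
    req.body = (const unsigned char *)body;
    req.body_size = strlen(body);
    handle_remote_write(&req, &samples);
    return samples;
}

int main(void)
{
    struct http_request ok = { 13, (const unsigned char *)"# c\nup 1\nrq 2\n", 13 };
    size_t n;

    printf("Content-Length: 0, no body -> %d\n", status_for(0, NULL));          /* 400 */
    printf("header/body mismatch       -> %d\n", status_for(4, "up 1\nreq 2\n")); /* 400 */
    printf("two valid samples          -> %d (%zu samples)\n",
           status_for(11, "up 1\nreq 2\n"), samples_for("up 1\nreq 2\n"));    /* 200 (2) */
    /* The unguarded handler only survives because this request carries a body. */
    printf("unguarded, body present    -> %d\n", handle_remote_write_unguarded(&ok, &n));
    return 0;
}
```

The order of the checks in handle_remote_write matters: the length and pointer tests come before the decoder is called at all, so no code path can reach a dereference with a NULL buffer, and the header-versus-buffer comparison also catches truncated or oversized bodies rather than only the zero-length case reported here.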

Potential Impact of CVE-2024-50608

  1. Service Disruption: The vulnerability enables a remote attacker to crash the Fluent Bit server, leading to interrupted logging services. This can critically affect an organization's ability to monitor system performance and security events in real time.

  2. Operational Downtime: Frequent crashing of the logging service may lead to prolonged periods of downtime, impacting business operations and potentially resulting in lost revenue or productivity due to unavailability of log data for troubleshooting or compliance.

  3. Security Risks: With the logging capabilities compromised, organizations may be unable to detect or respond to security incidents effectively, increasing the risk of undetected breaches or attacks that could have been mitigated with proper logging and monitoring practices.

News Articles

Comprehensive Analysis of Fluent Bit Vulnerabilities CVE-2024-50608 and CVE-2024-50609: Mitigating DoS Risks

Executive Summary: This report presents an in-depth examination of vulnerabilities CVE-2024-50608 and CVE-2024-50609 found in Fluent Bit, version 3.1.9. These vulnerabilities are of significant concern due to their potential to cause Denial of Service (DoS) via null pointer dereference, impacting ente...

References

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 👾 Exploit known to exist

  • 📰 First article discovered by Rescana

  • Vulnerability published

  • Vulnerability Reserved
