Press Release

Critical memory corruption vulnerability in Fluent Bit’s built-in HTTP server

Tenable Research has discovered a critical memory corruption vulnerability in Fluent Bit’s built-in HTTP server that could potentially result in denial of service (DoS), information leakage, or remote code execution (RCE). The issue was reported to the project’s maintainers on April 30, 2024. Fixes were committed to the project’s main branch on May 15 and are expected in the release of version 3.0.4. The issue has been assigned CVE-2024-4323.

Fluent Bit is a lightweight, open-source data collector and processor that can handle large volumes of log data from various sources. It was designed to be highly scalable and easy to use, making it an ideal choice for collecting and processing logs in cloud-based environments. The project boasts upwards of 3 billion downloads as of 2022 and continues to see more than 10 million deployments each day. It is used heavily in almost every major cloud provider’s infrastructure.

“Nearly every large cloud provider uses this utility, which is known to contain lots of juicy information for attackers. It’s important to realise that information leakage, denial of service and remote code execution are all possible outcomes if the latest version is not being used. Organisations should update these utilities regularly, adopt adequate defence-in-depth measures, and utilise the principle of least privilege to ensure these tools cannot be misused by attackers,” said Jimi Sebree, Staff Research Engineer, Tenable.

More information can be found in this blog: Linguistic Lumberjack: Attacking Cloud Services via Logging Endpoints (Fluent Bit – CVE-2024-4323)

About Tenable

Tenable® is the Exposure Management company. Approximately 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include approximately 65 percent of the Fortune 500, approximately 50 percent of the Global 2000, and large government agencies. Learn more at