Vulnerabilities > CVE-2024-4323
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server’s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution.
Related news
References
- https://github.com/fluent/fluent-bit/commit/9311b43a258352797af40749ab31a63c32acfd04
- https://github.com/fluent/fluent-bit/commit/9311b43a258352797af40749ab31a63c32acfd04
- https://tenable.com/security/research/tra-2024-17
- https://tenable.com/security/research/tra-2024-17
- https://www.vicarius.io/vsociety/posts/linguistic-lumberjack-memory-corruption-in-fluent-bit-cve-2024-4323