Critical Memory Corruption In Cloud Logging Infrastructure Enables Code Execution Attack

From gbhackers.com

Fluent Bit, a widely used open-source data collector and processor, has been found to have a major memory loss flaw.

Many big cloud providers use Fluent Bit for their logging because it is easy to use and can be scaled up or down as needed.

Tenable Research found the flaw, which affects Fluent Bit’s built-in HTTP server and has been designated CVE-2024-4323.

This bug could cause a denial of service (DoS), the loss of information, or the execution of code from afar (RCE).

Read more…