Cybersecurity scientists have found a critical security flaw in a well-known logging and metrics utility named Fluent Bit that could be exploited to accomplish denial-of-support (DoS), information and facts disclosure, or distant code execution.
The vulnerability, tracked as CVE-2024-4323, has been codenamed Linguistic Lumberjack by Tenable Exploration. It impacts variations from 2..7 by way of 3..3, with fixes available in edition 3..4.
The issue relates to a circumstance of memory corruption in Fluent Bit’s created-in HTTP server that could allow for for DoS, data leakage, or remote code execution.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
Precisely, it relates to sending maliciously crafted requests to the checking API through endpoints these kinds of as /api/v1/traces and /api/v1/trace.
“No matter of irrespective of whether or not any traces are configured, it is nonetheless doable for any person with entry to this API endpoint to question it,” security researcher Jimi Sebree mentioned.
“During the parsing of incoming requests for the /api/v1/traces endpoint, the data types of input names are not adequately validated ahead of becoming parsed.”
By default, the details sorts are assumed to be strings (i.e., MSGPACK_Object_STR), which a menace actor could exploit by passing non-string values, primary to memory corruption.
Tenable mentioned it was ready to reliably exploit the issue to crash the services and cause a DoS problem. Remote code execution, on the other hand, is dependent on a selection of environmental aspects such as host architecture and operating procedure.
Users are suggested to update to the latest version to mitigate possible security threats, in particular specified that a proof-of-thought (PoC) exploit has been built offered for the flaw.
Discovered this short article fascinating? Abide by us on Twitter and LinkedIn to read through more special content we post.
Some elements of this report are sourced from:
thehackernews.com
Iranian MOIS-Linked Hackers Behind Destructive Attacks on Albania and Israel