May 21, 2024 at 01:54PM Infosec researchers have flagged a critical vulnerability (CVE-2024-4323) in Fluent Bit, a widely used logging component. Tenable discovered the flaw, potentially leading to denial of service, information leakage, and remote code execution. The issue affects versions 2.0.7 through 3.0.3 and may compromise the security of major cloud providers and blue … Read more
May 20, 2024 at 05:16PM A critical Fluent Bit vulnerability, tracked as CVE-2024-4323 and dubbed Linguistic Lumberjack, impacts major cloud providers, tech giants, and cybersecurity firms. This memory corruption vulnerability, introduced with version 2.0.7, can be exploited for denial-of-service and remote code execution. Fixes are expected to ship with Fluent Bit 3.0.4, and mitigation steps … Read more
May 20, 2024 at 04:04PM A severe memory corruption vulnerability named “Linguistic Lumberjack” is found in the popular cloud logging tool Fluent Bit, impacting numerous major cloud service providers and organizations. The bug, tracked under CVE-2024-4323, enables denial of service, data leakage, and remote code execution. Maintainers have released a fix, urging prompt updates or … Read more
December 29, 2023 at 07:00AM Palo Alto Networks reports that an attacker with access to a Kubernetes cluster could exploit vulnerabilities in FluentBit and Anthos Service Mesh (ASM) within Google Kubernetes Engine (GKE) to gain complete control of the cluster. Google has released patches for the issues, but urges users to manually update their clusters … Read more