1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Fluent Bit vulnerability threatens almost all popular cloud platf

    From TechnologyDaily@1337:1/100 to All on Tue May 21 13:15:05 2024
    Fluent Bit vulnerability threatens almost all popular cloud platforms

    Date:
    Tue, 21 May 2024 13:10:50 +0000

    Description:
    Super popular logging tool comes with a major flaw that could result in sensitive information leakage.

    FULL STORY ======================================================================

    Cybersecurity researchers from Tenable discovered a critical vulnerability in Fluent Bit which allows malicious actors to run denial-of-service attacks, or execute bad code, remotely.

    Fluent Bit is a logging and metrics solution for Windows, macOS, and Linux, and embedded in all the major Kubernetes distributions, including Amazon AWS, Google GCP, and Microsoft Azure, BleepingComputer reports.

    The tool is extremely popular, with its website claiming it was downloaded at least 10 billion times. Apparently, many cybersecurity and tech companies
    also use it as part of their tech stack. Difficult to exploit

    As of version 2.0.7, Fluent Bit was found to be vulnerable to heap buffer overflow, which resulted in critical memory corruption. The researchers
    dubbed it Linguistic Lumberjack. It is tracked as CVE-2024-4323, but apparently exploiting it is not as straightforward.

    "While heap buffer overflows such as this are known to be exploitable, creating a reliable exploit is not only difficult, but incredibly time intensive," Tenable said. "The researchers believe that the most immediate
    and primary risks are those pertaining to the ease with which DoS and information leaks can be accomplished."

    Tenable notified Fluent Bits maintainers on April 30, with fixes being committed to the main branch roughly two weeks later, on May 15. Users can expect Fluent Bit version 3.0.4 to be protected from this vulnerability, and should apply the patch as soon as possible.

    Those who are unable to immediately patch their endpoints should mitigate the issue by limiting access to Fluent Bit's monitoring API to authorized users and services. Even less risky mitigation would include completely disabling the vulnerable API.

    While these utilities are known to contain lots of juicy information for attackers, its important to realize that information leakage isnt the only thing to be concerned with, Tenable concluded. Its essential for
    organizations to update these utilities regularly, adopt adequate defense-in-depth measures, and utilize the principle of least privilege to ensure these tools cannot be misused by attackers. More from TechRadar Pro
    The US State Department told Microsoft that emails in its cloud were hacked last month Here's a list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/fluent-bit-vulnerability-threatens-almo st-all-popular-cloud-platforms


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)