
19. 3. 2023
A critical vulnerability, dubbed "Linguistic Lumberjack," has been discovered in Fluent Bit, a popular logging and metrics utility used by major cloud providers like Microsoft Azure, Google Cloud, and Amazon Web Services (AWS). This vulnerability, tracked as CVE-2024-4323, affects Fluent Bit versions 2.0.7 to 3.0.3 and poses significant risks to cloud environments.
Details of the Vulnerability
The issue lies within the /api/v1/traces endpoint, which is served by the same monitoring interface that handles service uptime, plugin metrics, health checks, and other monitoring activities. The vulnerability arises from improper validation of the data types of elements in input arrays: a malformed request is processed as if its elements were of the expected type, which leads to memory corruption.
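The defensive pattern that closes this class of bug is to check the type and bounds of every array element before it is used. The following added example, which is not Fluent Bit's code and does not reproduce its request schema, models a small traces-style handler in Python that validates a JSON body whose "inputs" field is assumed to be an array of input-plugin names; the field name and the size limits are assumptions chosen for the illustration.

```python
import json


class ValidationError(ValueError):
    """Raised when a request body does not have the expected shape."""


# Bounds chosen for this example (assumptions, not Fluent Bit's own limits).
MAX_INPUTS = 64
MAX_NAME_LEN = 256


def validate_traces_request(raw):
    """Return the list of input names in a request body, or raise ValidationError.

    Assumed body shape (not taken from the Fluent Bit source):
        {"inputs": ["<input name>", ...]}
    Every element is checked to be a non-empty string of bounded length
    before it is handed to any code that expects a string.
    """
    try:
        body = json.loads(raw)
    except ValueError as exc:  # json.JSONDecodeError and UnicodeDecodeError
        raise ValidationError(f"body is not valid JSON: {exc}") from None
    if not isinstance(body, dict):
        raise ValidationError("body must be a JSON object")
    inputs = body.get("inputs")
    if not isinstance(inputs, list):
        raise ValidationError("'inputs' must be an array")
    if len(inputs) > MAX_INPUTS:
        raise ValidationError(f"'inputs' has {len(inputs)} entries, limit is {MAX_INPUTS}")
    names = []
    for index, item in enumerate(inputs):
        # The type check is the core of the fix: numbers, null, nested
        # arrays or objects are rejected instead of being treated as text.
        if not isinstance(item, str):
            raise ValidationError(
                f"inputs[{index}] must be a string, got {type(item).__name__}")
        if not item or len(item) > MAX_NAME_LEN:
            raise ValidationError(f"inputs[{index}] must be 1..{MAX_NAME_LEN} characters")
        names.append(item)
    return names


def handle_traces_request(raw):
    """Minimal request handler returning (http_status, response_body)."""
    try:
        names = validate_traces_request(raw)
    except ValidationError as exc:
        # Reject with a client error; nothing of the body reaches the tracer.
        return 400, {"error": str(exc)}
    return 200, {"traced_inputs": names}


# Constructed sample bodies for demonstration.
SAMPLE_BODIES = {
    "well-formed": b'{"inputs": ["tail.0", "cpu.0"]}',
    "non-string element": b'{"inputs": ["tail.0", 12345]}',
    "wrong container": b'{"inputs": "tail.0"}',
    "not json": b'{inputs: [',
}

if __name__ == "__main__":
    for label, body in SAMPLE_BODIES.items():
        status, payload = handle_traces_request(body)
        print(f"{label:>20}: {status} {payload}")
```

The handler returns 400 for every body that fails a check, so a request with a non-string element is logged as a client error rather than reaching code that assumes a string; the same shape of check applies to any typed field a monitoring API accepts.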
Quick Timeline of the Incident
January 24, 2024: Tenable reported the vulnerability to Microsoft.
January 31, 2024: Microsoft confirmed the vulnerability's classification as "Elevation of Privilege" with a severity level of "Important."
February 2, 2024: Microsoft created a plan to fix the vulnerability.
June 3, 2024: Tenable coordinated a public disclosure of the vulnerability.
Impact and Response
This vulnerability has prompted cloud service users to take immediate action. While Microsoft has chosen to update its documentation rather than release a patch, customers are urged to analyze their network rules and ensure strong network authentication and authorization to protect against potential exploits.
Tenable recommends Azure customers review their firewall rules, particularly those based on Azure Service Tags, and implement robust security measures. Ensuring that authentication and authorization levels are strong can provide an additional layer of security, even if an attacker manages to exploit the vulnerability.
Recommendations
Users of Fluent Bit should upgrade to version 3.0.4 to mitigate the risks associated with this vulnerability. Additionally, organizations relying on cloud services that use Fluent Bit should contact their providers to confirm that necessary updates have been applied.
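To turn the two recommendations above (upgrade out of the 2.0.7 to 3.0.3 range, and review how the monitoring server is reachable) into a repeatable check, here is an added Python example that is not part of the original article or of the Fluent Bit project. It compares a version string against the affected range stated above and parses the [SERVICE] section of a classic Fluent Bit configuration for the HTTP_Server, HTTP_Listen and HTTP_Port keys (real keys of that format; the sample configuration is constructed). The version string is obtained from `fluent-bit --version` when run on a host; the assessment logic itself is pure and can be run offline.

```python
import re
import subprocess

# Affected range and fixed version as stated in the advisory text above.
VULNERABLE_MIN = (2, 0, 7)
VULNERABLE_MAX = (3, 0, 3)
FIXED_VERSION = (3, 0, 4)


def parse_version(text):
    """Extract a (major, minor, patch) tuple from text like 'Fluent Bit v3.0.2'."""
    match = re.search(r"v?(\d+)\.(\d+)\.(\d+)", text)
    if not match:
        raise ValueError(f"no semantic version found in {text!r}")
    return tuple(int(part) for part in match.groups())


def is_affected(version):
    """True when the version lies inside the affected range (inclusive)."""
    return VULNERABLE_MIN <= version <= VULNERABLE_MAX


def service_settings(config_text):
    """Parse the [SERVICE] section of a classic .conf file into a dict (keys lower-cased)."""
    settings = {}
    in_service = False
    for line in config_text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        if stripped.startswith("[") and stripped.endswith("]"):
            in_service = stripped.strip("[]").strip().upper() == "SERVICE"
            continue
        if in_service:
            parts = stripped.split(None, 1)
            if len(parts) == 2:
                settings[parts[0].lower()] = parts[1].strip()
    return settings


def assess(version_text, config_text):
    """Return a list of findings; an empty list means nothing to act on."""
    findings = []
    version = parse_version(version_text)
    if is_affected(version):
        findings.append(
            "version %s is in the affected range; upgrade to %s or later"
            % (".".join(map(str, version)), ".".join(map(str, FIXED_VERSION))))
    svc = service_settings(config_text)
    # Fluent Bit defaults: HTTP_Server Off, HTTP_Listen 0.0.0.0, HTTP_Port 2020.
    http_on = svc.get("http_server", "off").lower() in ("on", "true", "yes")
    if http_on:
        listen = svc.get("http_listen", "0.0.0.0")
        port = svc.get("http_port", "2020")
        if listen in ("0.0.0.0", "::"):
            findings.append(
                f"HTTP monitoring server listens on all interfaces ({listen}:{port}); "
                "restrict it with network rules or bind it to a local address")
    return findings


def installed_version_text():
    """Ask the local fluent-bit binary for its version string."""
    result = subprocess.run(["fluent-bit", "--version"], capture_output=True, text=True)
    return result.stdout or result.stderr


# Constructed sample configuration with the monitoring server exposed.
SAMPLE_CONFIG = """\
[SERVICE]
    Flush        1
    HTTP_Server  On
    HTTP_Listen  0.0.0.0
    HTTP_Port    2020

[INPUT]
    Name cpu
"""

if __name__ == "__main__":
    try:
        version_text = installed_version_text()
    except FileNotFoundError:
        version_text = "Fluent Bit v3.0.2"  # constructed fallback when no binary is present
    for finding in assess(version_text, SAMPLE_CONFIG) or ["no findings"]:
        print("-", finding)
```

Run against a real host, replace SAMPLE_CONFIG with the contents of the deployed configuration file; a deployment that is already on 3.0.4 but still exposes the monitoring server on all interfaces yields only the second finding, which is the network-rule review the article asks for.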
For further details, visit Security Boulevard and Born's Tech and Windows World.