Help Center/ Cloud Container Engine_Autopilot/ Product Bulletin/ Vulnerability Notices/ Notice of Fluent Bit Memory Corruption Vulnerability (CVE-2024-4323)
Updated on 2025-03-27 GMT+08:00

Notice of Fluent Bit Memory Corruption Vulnerability (CVE-2024-4323)

Fluent Bit is a powerful, flexible, and user-friendly tool for processing and forwarding logs. It can be used with applications and systems of all sizes and types, including Linux, Windows, embedded Linux, and macOS. Fluent Bit is a widely used logging tool among cloud providers and enterprises, with over 13 billion downloads and deployments to date.

Vulnerability Details

Table 1 Vulnerability details

Type

CVE-ID

Severity

Discovered

Buffer overflow

CVE-2024-4323

Critical

2024-05-20

Impact

Fluent Bit 2.0.7 to 3.0.3 have a heap buffer overflow vulnerability in the embedded HTTP server's parsing of trace requests. The vulnerability arises from the incorrect verification of the data type of input_name during the parsing of incoming requests for the /api/v1/traces endpoint. This allows non-string values, including integer values, to be transferred in the inputs array of requests, which can lead to memory corruption. Attackers can exploit this vulnerability to cause a denial of service, information leakage, or remote code execution.

This vulnerability is involved when the Cloud Native Log Collection add-on earlier than v1.7.0 is installed in the CCE Autopilot cluster.

Identification Method

  1. Go to the Add-ons page and check if the Cloud Native Log Collection add-in has been installed.
    Figure 1 Viewing the installed add-on version

  2. In the Cloud Native Log Collection add-on details, view the add-on version. If the add-on version is earlier than v1.7.0, this vulnerability is involved.
    Figure 2 Add-on details

Solution

This vulnerability has been fixed for the Cloud Native Log Collection add-on in the CCE Autopilot cluster. Upgrade the add-on to the version where the vulnerability has been fixed.

Fixed add-on version: v1.7.0 or later