Security researchers have identified a critical memory corruption vulnerability in Fluent Bit's HTTP server (CVE-2024-4323), referred to as 'Linguistic Lumberjack,' used extensively by major cloud providers like AWS, Google GCP, and Microsoft Azure, with potential risks including denial of service, information leakage, and remote code execution; Tenable researchers discovered the bug, advising immediate upgrades to the fixed version 3.0.4 along with reviewing configurations to limit access to Fluent Bit's monitoring API, while highlighting that major brands and cybersecurity vendors, including Trend Micro, CrowdStrike, and Splunk, are among the affected users
```https://www.infosecurity-magazine.com/news/critical-fluent-bit-bug-all-cloud/