Skip to main content

Uncontrolled Resource Consumption

CVE-2021-41186

Severity High
Score 7.5/10

Summary

Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 through v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack. This issue is patched in version 1.14.2 There are two workarounds available. Either don't use parser_apache2 for parsing logs (which cannot guarantee generated by Apache), or put a patched version of "parser_apache2.rb" into "/etc/fluent/plugin" directory (or any other directories specified by the environment variable `FLUENT_PLUGIN` or `--plugin` option of fluentd).

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-400 - Uncontrolled resource consumption

An uncontrolled resource allocation attack (also known as resource exhaustion attack) triggers unauthorized overconsumption of the limited resources in an application, such as memory, file system storage, database connection pool entries, and CPU. This may lead to denial of service for valid users and degradation of the application's functionality as well as that of the host operating system.

References

Advisory Timeline

  • Published