Fluent Bit in_docker Input Plugin Buffer Overflow Vulnerability Allowing Code Execution

Vulnerability

A buffer overflow vulnerability has been identified in the Fluent Bit in_docker input plugin, specifically in version 4.1.0. The issue arises in the extract_name function, which copies container names into a fixed-size stack buffer without proper length validation. This flaw allows an attacker who can create containers or control container names to supply a long name that overflows the buffer, potentially leading to a process crash or arbitrary code execution.

Impact

Exploitation of this vulnerability can result in a process crash or arbitrary code execution.

Added: Nov 24, 2025, 3:20 PM

Updated: Nov 24, 2025, 5:26 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fluent Bit in_docker Input Plugin Buffer Overflow Vulnerability Allowing Code Execution

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating