CVE-2025-12970 | THREATINT

Description

The extract_name function in Fluent Bit in_docker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary code execution.

PUBLISHED Reserved 2025-11-10 | Published 2025-11-24 | Updated 2025-11-28 | Assigner certcc

Problem types

CWE-121: Stack-based Buffer Overflow

Product status

4.0.14

affected

4.1.1

affected

References

fluentbit.io/...d-in-fluent-bit-v4.1-and-backported-to-v4.0/

www.oligo.security/...-cloud-environments-to-remote-takeover

cve.org (CVE-2025-12970)

nvd.nist.gov (CVE-2025-12970)

Download JSON