2 matches found
CVE-2019-9749
An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin acts as an MQTT broker server, it mishandles incoming network messages. After processing a crafted packet, the plugin's mqttpacketdrop function in /plugins/inmqtt/mqttprot.c executes the memmove functio...
CVE-2019-9749
The CVE-2019-9749 entry pertains to Fluent Bit’s MQTT input plugin (up to version 1.0.4) when acting as an MQTT broker. The root cause is in mqtt_packet_drop (plugins/in_mqtt/mqtt_prot.c): after processing a crafted packet, memmove() is invoked with a negative size, causing a crash of the Fluent ...