CVE-2021-46879: 
CBL Mariner vulnerability analysis and mitigation

An issue was discovered in Treasure Data Fluent Bit 1.7.1, where a wrong variable is used to get the msgpack data resulting in a heap overflow in flbmsgpackgelfvalueext function. This vulnerability was disclosed on April 11, 2023, and is tracked as CVE-2021-46879 (NVD).

The vulnerability stems from incorrect variable usage when parsing msgpack-c objects related to GELF (Graylog Extended Log Format) data. Specifically, the code uses an incorrect variable to retrieve msgpack data, leading to a heap overflow condition in the flbmsgpackgelfvalueext function. The vulnerability has been assigned a CVSS v3.1 Base Score of 7.8 HIGH with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NVD).

If successfully exploited, this vulnerability allows an attacker to execute arbitrary code on the target system. The attacker can achieve this by crafting a malicious file and tricking the victim into opening it with the affected software, triggering the heap overflow condition (NVD).

The issue has been fixed in a subsequent release. The fix involves using the correct variable (v instead of o) for getting the val and val_len variables when parsing msgpack data. Users should upgrade to a patched version of Fluent Bit (GitHub PR).