Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow (CAPEC-100) and cause a denial of service (panic/crash) of the Filebeat process via either a malformed Syslog message or a malicious tokenizer pattern in the Dissect configuration.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| github.com/elastic/beats/v7(Go) | 7.7.0 | 8.19.9 | N/A |
| github.com/elastic/beats/v7(Go) | 9.0.0 | 9.1.9 | N/A |
| github.com/elastic/beats/v7(Go) | 9.2.0 | 9.2.3 | N/A |
| github.com/elastic/beats/v7(Go) | 0 | 7.0.0-alpha2.0.20251204214633-dd3af18220bf | N/A |
| github.com/elastic/beats(Go) | 0 | N/A | N/A |
CVSS Metrics
