900 matches found
MAL-2026-4613 Malicious code in monade (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32631bc0128011d7e526d2665460d2e4562c2d50602e38218e2ad3078635726a [email protected] advertises itself as a JavaScript monad/flow utility library cjs/index.js exports flow, of, opt, ka, dev, yet ships a 976KB UPX-packed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: BPF: Fixed potential improper dereferencing of pointers in bpfsysbpf. The bpfsysbpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case, the argument union bpfattr pointer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Ice: Avoid bpfprog refcount underflow The Ice driver includes routines for managing XDP resources that are shared between the ndobpf operation and the VSI rebuild flow. The latter occurs, for example, when the user changes the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed the warning related to sk-skforwardalloc in skstreamkillqueues. When running testsockmap in selftests, the following warning appears: WARNING: CPU: 2 PID: 197 at net/core/stream.c:205...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: mtkethsoc: Reset the progptr to oldprog in case of an error in mtkxdpsetup. Reset the eBPF program pointer to oldprog, and do not decrease its reference count if the mtkopen routine in mtkxdpsetup fails...
Astra Linux – Vulnerability in Linux 5.10
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first gain the ability to execute low-privilege code on the target system in order to exploit this vulnerability. The specific flaw lies in the handling of eBPF...
OpenTelemetry eBPF Instrumentation: Memcached payload length overflow can crash OBI
Summary A remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing memcached storage commands such as set, add, replace, append, prepend, or cas, OBI accepts extremely large values and adds the payload delimite...
GHSA-VVMG-8MJR-G6Q3 OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers
Summary OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log injection is enabled, a crafted multi-segment writev call can make OBI read and overwrite memory beyond the first segment. Details In...
GHSA-89C6-VPCJ-7VJ4 OpenTelemetry eBPF Instrumentation: Unbounded BPF internal metrics replay can exhaust CPU
Summary OBI replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can become very large, causing the metrics exporter to spend excessive CPU time in a tight loop every collection interval. Details The vulnerable loop is in...
GHSA-8RRQ-WCG8-CV5Q OpenTelemetry eBPF Instrumentation: Redis error text is exported in span status messages
Summary OBI exports raw Redis error text as the span status message. Because Redis error replies can contain attacker-controlled or sensitive values, this behavior can exfiltrate tokens, PII, or other confidential input into telemetry backends and inject untrusted text into downstream analysis...
OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent
Summary OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section pointers or slice past string tables, causing the agent to panic while determining the process language. Details...
PT-2026-41783
Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions prior to 0.9.0 Description The Postgres protocol parser incorrectly assumes that BIND message payloads contain a valid NUL-terminated portal name. When processing a crafted empty or unterminated...
ebpf-cve-analysis
eBPF CVE Analysis !polito-logoresources/images/logopolito...
CVE-2026-45686
creationtimestamp| type| source ---|---|--- 2026-05-12 14:14:03+00:00| published-proof-of-concept| https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-43g7-cwr8-q3jh 2026-06-02 18:01:50+00:00| seen|...
CVE-2026-45685
creationtimestamp| type| source ---|---|--- 2026-05-12 14:13:53+00:00| published-proof-of-concept| https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-j8p6-96vp-f3r9 2026-06-02 18:01:43+00:00| seen|...
CVE-2026-45684
creationtimestamp| type| source ---|---|--- 2026-05-12 14:13:40+00:00| published-proof-of-concept| https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-vvmg-8mjr-g6q3...
CVE-2026-45682
creationtimestamp| type| source ---|---|--- 2026-05-12 14:12:38+00:00| published-proof-of-concept| https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-962q-hwm5-52x5 2026-06-02 16:53:08+00:00| seen|...
CVE-2026-45683
creationtimestamp| type| source ---|---|--- 2026-05-12 14:12:18+00:00| published-proof-of-concept| https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-fjq3-ffvr-vm46 2026-06-02 17:31:17+00:00| seen|...
CVE-2026-45680
creationtimestamp| type| source ---|---|--- 2026-05-12 14:11:52+00:00| published-proof-of-concept| https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-89c6-vpcj-7vj4...
CVE-2026-45679
creationtimestamp| type| source ---|---|--- 2026-05-12 14:11:30+00:00| published-proof-of-concept| https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-8rrq-wcg8-cv5q...