899 matches found
CVE-2026-43016
In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-free of sk-sksocket in skpsockverdictdataready. syzbot reported use-after-free of AFUNIX socket's sk-sksocket in skpsockverdictdataready. 0 In unixstreamsendmsg, the peer socket's -skdataready is calle...
CVE-2026-31734
CVE-2026-31734 (Linux kernel sched_ext) has been fixed. The issue was a false negative where is_bpf_migration_disabled() could be incorrect on systems without CONFIG_PREEMPT_RCU, causing migration_disabled == 1 to be treated as truly migration-disabled even for the current task. The BPF prolog no...
Exploit for CVE-2026-31431
CVE-2026-31431 aka Copy.Fail eBPF workaro...
CVE-2026-41433
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is...
CVE-2026-41433 OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is...
CVE-2026-41433
OpenTelemetry eBPF Instrumentation (OpenTelemetry OBI) has a local impact flaw in the Java agent injection path for versions 0.4.0–0.7.x (before 0.8.0). A compromised Java workload can cause arbitrary host file overwrites when Java injection is enabled and OBI runs with elevated privileges. The r...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013422)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013422 advisory. An out-of-bounds OOB memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013423)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013423 advisory. A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernels BPF subsystem due to the way a...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010714)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010714 advisory. A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernels BPF subsystem due to the way a...
GHSA-8GMG-3W2Q-65F4 OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR
Summary A flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is running with elevated privileges. The injector trusted TMPDIR from the target process and used unsafe file creation...
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack via the findTempDir and copyAgent processes. An attacker can overwrite arbitrary files on the host system by controlling the TMPDIR environment variable in a Java process and leveraging symlink manipulation. This is only...
OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR
Summary A flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is running with elevated privileges. The injector trusted TMPDIR from the target process and used unsafe file creation...
PT-2026-35073
Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions 0.4.0 through 0.7.x Description A flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and the...
ML Defender (ARGus NDR): An Open-Source Embedded ML NIDS for Botnet and Anomalous Traffic Detection in Resource-Constrained Organizations
Ransomware and DDoS attacks disproportionately impact hospitals, schools, and small organizations that cannot afford enterprise security solutions. We present ML Defender aRGus NDR, an open-source network intrusion detection system built in C++20, deployable on commodity hardware at approximately...
SUSE CVE-2026-23294
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and devflush run atomically...
CVE-2026-23284
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Reset prog ptr to oldprog in case of error in mtkxdpsetup Reset eBPF program pointer to oldprog and do not decrease its ref-count if mtkopen routine in mtkxdpsetup fails...
CVE-2026-31890
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. Prior to 0.50.1, in a situation where the ring-buffer of a gadget is – incidentally or maliciously – already full, the gadget will silently drop events. Th...
SUSE CVE-2026-25996
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...
CVE-2026-25996
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...
CVE-2026-25996 Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...