OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to...

5.5 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Description

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section pointers or slice past string tables, causing the agent to panic while determining the process language. This issue has been patched in version 0.9.0.

Basic Information

ID CVE-2026-45676

Source GitHub_M

Published Jun 2, 2026 at 15:23

Affected Product

Vendor open-telemetry

Product opentelemetry-ebpf-instrumentation

Version < 0.9.0

Affected Versions open-telemetry opentelemetry-ebpf-instrumentation < 0.9.0

CWE Classification

CWE-20 CWE-248

References

{
    "lastseen": "",
    "description": "OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section pointers or slice past string tables, causing the agent to panic while determining the process language. This issue has been patched in version 0.9.0.",
    "published": "2026-06-02T15:23:50.406Z",
    "modified": "2026-06-02T15:23:50.406Z",
    "type": "cve",
    "title": "OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent",
    "source": "GitHub_M",
    "references": "https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-wp73-mwgf-4jq9\nhttps://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/releases/tag/v0.9.0",
    "id": "CVE-2026-45676",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20",
        "CWE-248"
    ],
    "cvelist": null,
    "sourceData": "open-telemetry opentelemetry-ebpf-instrumentation < 0.9.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "opentelemetry-ebpf-instrumentation",
    "version": "< 0.9.0",
    "vendor": "open-telemetry",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent_CVE-2026-45676