Brendan Gregg

**Name of the Vulnerable Software and Affected Versions** bpftrace (affected versions not specified) **Description** The issue allows an unprivileged attacker to force bcc to load compromised Linux headers if kernel headers need to be extracted and are not provided by default. This can occur because bpftrace attempts to load the headers from a temporary directory. Linux distributions that provide kernel headers by default are not affected. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** bcc (affected versions not specified) **Description** The issue arises when kernel headers need to be extracted, and bcc attempts to load them from a temporary directory. An unprivileged attacker could exploit this to force bcc to load compromised Linux headers. However, Linux distributions that provide kernel headers by default are not affected by default. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.