CVE-2026-35233

Name of the Vulnerable Software and Affected Versions dtrace (affected versions not specified)

Description An unprivileged attacker can create a user-space process with a malicious ELF binary containing an out-of-range sh link field. When a root-level dtrace process attaches to or instruments that process using dtrace -p, pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cache array due to a lack of bounds checks. This leads to an uninitialized or out-of-bounds heap read, which may cause a NULL pointer dereference resulting in a denial of service (DoS) crash of the dtrace process, or potentially allow a read-then-use of a garbage pointer controlled by adjacent allocations, enabling further exploitation in a privileged context.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.