PT-2026-41782 · Unknown · @Opentelemetry/Instrumentation

Mralias

·

Published

2026-05-18

·

Updated

2026-06-25

·

CVE-2026-45676

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions prior to 0.9.0
Description The replacement ELF parser trusts section offsets, counts, and string offsets from executable files. A crafted local ELF file can cause the agent to dereference invalid section pointers or slice past string tables, leading to a panic while determining the process language. This results in a local denial of service against the telemetry agent, allowing a local user to crash the agent and interrupt observability for other workloads. Technical details include the matchExeSymbols() function iterating over sections using unvalidated fastelf context, and the GetCStringUnsafe() and ReadStruct() functions performing unsafe slicing and pointer conversion without guarding against out-of-range or negative offsets. Additionally, NewElfContextFromData() trusts Shoff, Shnum, and Phnum from the ELF header without validating offsets.
Recommendations Update to version 0.9.0.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-45676
GHSA-WP73-MWGF-4JQ9
GO-2026-5714

Affected Products

@Opentelemetry/Instrumentation