CVE-2026-45676: CWE-20: Improper Input Validation in open-telemetry opentelemetry-ebpf-instrumentation
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section pointers or slice past string tables, causing the agent to panic while determining the process language. This issue has been patched in version 0.9.0.
AI Analysis
Technical Summary
OpenTelemetry eBPF Instrumentation versions before 0.9.0 contain a vulnerability due to improper input validation in the ELF parser component. The parser trusts potentially malicious section offsets and string offsets from ELF files, which can lead to invalid memory dereferences or out-of-bounds string table accesses. This causes the agent to panic, impacting availability. The vulnerability is identified as CWE-20 (Improper Input Validation) and CWE-248 (Uncaught Exception). The issue is fixed in version 0.9.0.
Potential Impact
The vulnerability can cause the opentelemetry-ebpf-instrumentation agent to panic, resulting in a denial of service condition. There is no indication of confidentiality or integrity impact. The CVSS score of 5.5 (medium) reflects an availability-only impact with a local attack vector and low attack complexity.
Mitigation Recommendations
This vulnerability has been patched in open-telemetry opentelemetry-ebpf-instrumentation version 0.9.0. Users should upgrade to version 0.9.0 or later to remediate this issue. No other mitigation or temporary workaround is indicated.
CVSS v3.1 Score: 5.5 (Medium)
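The defect class described above is a parser that uses e_shoff, e_shnum and sh_name values straight from the file. The Go program below is an added example written for this page, not OBI's own ELF parser or the upstream 0.9.0 patch; it builds a constructed little-endian ELF64 image in memory, reads the section names with every offset, count and string index checked against the buffer length before use, and then feeds the same parser four crafted variants (oversized e_shnum, e_shoff past end of file, oversized .shstrtab, sh_name past the string table) to show that each yields an error rather than an out-of-range slice panic. Function names and the image layout are the example's own assumptions.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
)

const shdrSize = 64 // size of an ELF64 section header (Elf64_Shdr)

var le = binary.LittleEndian

// parseSectionNames returns every section name from a little-endian ELF64 image.
// Each offset, count and string index read from the file is validated against
// the buffer length before use, so a crafted file produces an error instead of
// an out-of-range slice (which is a runtime panic in Go).
func parseSectionNames(elf []byte) ([]string, error) {
	size := uint64(len(elf))
	if size < 64 || !bytes.Equal(elf[:4], []byte{0x7f, 'E', 'L', 'F'}) {
		return nil, errors.New("not an ELF file or header truncated")
	}
	if elf[4] != 2 || elf[5] != 1 { // EI_CLASS=ELFCLASS64, EI_DATA=ELFDATA2LSB
		return nil, errors.New("only little-endian ELF64 handled here")
	}
	shoff := le.Uint64(elf[0x28:])             // e_shoff
	shentsize := uint64(le.Uint16(elf[0x3a:])) // e_shentsize
	shnum := uint64(le.Uint16(elf[0x3c:]))     // e_shnum
	shstrndx := uint64(le.Uint16(elf[0x3e:]))  // e_shstrndx
	if shnum == 0 {
		return []string{}, nil
	}
	// Division rather than shoff+shnum*shentsize: no integer overflow possible.
	if shentsize < shdrSize || shoff > size || shnum > (size-shoff)/shentsize {
		return nil, fmt.Errorf("section header table (off=%d, num=%d, entsize=%d) exceeds %d-byte file", shoff, shnum, shentsize, size)
	}
	if shstrndx >= shnum {
		return nil, fmt.Errorf("e_shstrndx %d >= e_shnum %d", shstrndx, shnum)
	}
	strHdr := elf[shoff+shstrndx*shentsize:]
	strOff, strSize := le.Uint64(strHdr[0x18:]), le.Uint64(strHdr[0x20:]) // sh_offset, sh_size
	if strOff > size || strSize > size-strOff {
		return nil, fmt.Errorf(".shstrtab (off=%d, size=%d) exceeds %d-byte file", strOff, strSize, size)
	}
	strtab := elf[strOff : strOff+strSize]

	names := make([]string, 0, shnum)
	for i := uint64(0); i < shnum; i++ {
		nameOff := uint64(le.Uint32(elf[shoff+i*shentsize:])) // sh_name
		if nameOff >= strSize {
			return nil, fmt.Errorf("section %d: sh_name %d past %d-byte string table", i, nameOff, strSize)
		}
		end := bytes.IndexByte(strtab[nameOff:], 0)
		if end < 0 {
			return nil, fmt.Errorf("section %d: unterminated name", i)
		}
		names = append(names, string(strtab[nameOff:nameOff+uint64(end)]))
	}
	return names, nil
}

// buildELF assembles a minimal constructed ELF64 image (not a real binary)
// with three sections: NULL, .shstrtab and .text.
func buildELF() []byte {
	strtab := []byte("\x00.shstrtab\x00.text\x00")
	strOff := uint64(64)
	shoff := (strOff + uint64(len(strtab)) + 7) &^ 7 // 8-byte aligned table
	img := make([]byte, shoff+3*shdrSize)
	copy(img, []byte{0x7f, 'E', 'L', 'F', 2, 1, 1})
	le.PutUint64(img[0x28:], shoff)
	le.PutUint16(img[0x3a:], shdrSize)
	le.PutUint16(img[0x3c:], 3)
	le.PutUint16(img[0x3e:], 1)
	copy(img[strOff:], strtab)
	sh1 := img[shoff+shdrSize:]
	le.PutUint32(sh1, 1)             // sh_name -> ".shstrtab"
	le.PutUint64(sh1[0x18:], strOff) // sh_offset
	le.PutUint64(sh1[0x20:], uint64(len(strtab)))
	le.PutUint32(img[shoff+2*shdrSize:], 11) // sh_name -> ".text"
	return img
}

// craftedImages returns copies of the valid image, each with one header field
// corrupted in the way the advisory describes (untrusted offsets, counts and
// string indexes). Constructed test data only.
func craftedImages() map[string][]byte {
	out := map[string][]byte{}
	mut := func(name string, f func(img []byte)) {
		img := buildELF()
		f(img)
		out[name] = img
	}
	mut("huge e_shnum", func(img []byte) { le.PutUint16(img[0x3c:], 0xffff) })
	mut("e_shoff beyond EOF", func(img []byte) { le.PutUint64(img[0x28:], 1<<62) })
	mut("huge .shstrtab size", func(img []byte) {
		le.PutUint64(img[le.Uint64(img[0x28:])+shdrSize+0x20:], 1<<40)
	})
	mut("sh_name past strtab", func(img []byte) {
		le.PutUint32(img[le.Uint64(img[0x28:])+2*shdrSize:], 0x7fffffff)
	})
	return out
}

func main() {
	names, err := parseSectionNames(buildELF())
	fmt.Println("valid image:", names, err)
	for desc, img := range craftedImages() {
		_, err := parseSectionNames(img)
		fmt.Printf("%-22s -> %v\n", desc, err)
	}
}
```

The two checks that matter most are the division-based bound on the section header table (a multiplication there can wrap and pass a naive comparison) and the `nameOff >= strSize` test before slicing the string table; a parser that skips either will index past the buffer on a file it did not produce itself.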
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-05-12T21:59:25.666Z
- CVSS Version: 3.1
- State: PUBLISHED
- Remediation Level: null
Threat ID: 6a1efb66e29bf47b50db352d
Added to database: 6/2/2026, 3:48:54 PM
Last enriched: 6/2/2026, 4:05:01 PM
Last updated: 6/3/2026, 5:03:16 AM