CVE-2026-45684
MEDIUMOpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers
Title source: cnaDescription
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total iov_iter.count as the copy length. When log injection is enabled, a crafted multi-segment writev call can make OBI read and overwrite memory beyond the first segment. This issue has been patched in version 0.9.0.
References (2)
Core 2
Core References
X_Refsource_Confirm x_refsource_confirm
https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-vvmg-8mjr-g6q3
X_Refsource_Misc x_refsource_misc
https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/releases/tag/v0.9.0
Scores
CVSS v3
4.9
EPSS
0.0013
EPSS Percentile
3.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-126
CWE-787
Status
published
Products (3)
go.opentelemetry.io/obi
0.7.0 - 0.9.0Go
open-telemetry/opentelemetry-ebpf-instrumentation
>= 0.7.0, < 0.9.0
opentelemetry/ebpf_instrumentation
0.7.0 - 0.9.0
Published
Jun 02, 2026
Tracked Since
Jun 02, 2026