3.3 CVE-2026-10722

Enriched by CISA
 

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The name of the patch is 533dfc82fd228bfadf42ea7180c39de7d9af47fa. A patch should be applied to remediate this issue.
https://nvd.nist.gov/vuln/detail/CVE-2026-10722

Categories

CWE-189

References


 

AFFECTED (from MITRE)


Vendor Product Versions
cilium ebpf
  • 0.1 [affected]
  • 0.2 [affected]
  • 0.3 [affected]
  • 0.4 [affected]
  • 0.5 [affected]
  • 0.6 [affected]
  • 0.7 [affected]
  • 0.8 [affected]
  • 0.9 [affected]
  • 0.10 [affected]
  • 0.11 [affected]
  • 0.12 [affected]
  • 0.13 [affected]
  • 0.14 [affected]
  • 0.15 [affected]
  • 0.16 [affected]
  • 0.17 [affected]
  • 0.18 [affected]
  • 0.19 [affected]
  • 0.20 [affected]
  • 0.21.0 [affected]
© 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

CPE

cpe start end


REMEDIATION




EXPLOITS


Exploit-db.com

id description date
No known exploits

POC Github

Url
No known exploits

Other Nist (github, ...)

Url
No known exploits


CAPEC


Common Attack Pattern Enumerations and Classifications

id description severity
No entry