CVE-2026-10722
cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow
A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The name of the patch is 533dfc82fd228bfadf42ea7180c39de7d9af47fa. A patch should be applied to remediate this issue.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
Affected products
cilium · ebpfpublic PoCs found — 1
cve_referencegist.github.com/thesmartshadow/256bff0f8042c584f993ace89074a815unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://gist.github.com/thesmartshadow/256bff0f8042c584f993ace89074a815https://github.com/cilium/ebpf/https://github.com/cilium/ebpf/commit/533dfc82fd228bfadf42ea7180c39de7d9af47fahttps://github.com/cilium/ebpf/issues/2019https://github.com/cilium/ebpf/pull/2021https://vuldb.com/cve/CVE-2026-10722https://vuldb.com/submit/818291https://vuldb.com/vuln/368091https://vuldb.com/vuln/368091/cti