Severity by source
AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Lifecycle Timeline
7DescriptionGitHub Advisory
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is running with elevated privileges. The injector trusted TMPDIR from the target process and used unsafe file creation semantics, enabling both filesystem boundary escape and symlink-based file clobbering. This vulnerability is fixed in 0.8.0.
AnalysisAI
OpenTelemetry eBPF Instrumentation versions 0.4.0 through 0.7.x allow local attackers controlling a Java workload to overwrite arbitrary host files via path traversal when Java injection is enabled and the agent runs with elevated privileges. The vulnerability exploits unsafe file creation in the Java agent injection path, where the injector trusts the target process's TMPDIR environment variable and lacks boundary checks, enabling symlink-based file clobbering and filesystem escape. Vendor-released patch available in version 0.8.0. No public exploit identified at time of analysis, but CVSS 8.4 reflects high integrity and availability impact with scope change from container to host.
Technical ContextAI
OpenTelemetry eBPF Instrumentation uses eBPF (extended Berkeley Packet Filter) to provide low-overhead instrumentation for applications. The Java agent injection mechanism dynamically injects OpenTelemetry instrumentation into running Java processes. The vulnerability stems from CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, commonly known as path traversal). The injector reads TMPDIR from the untrusted target process environment and uses it to create temporary files without validating that the path stays within safe boundaries. When OBI runs with elevated privileges (common in containerized environments where the agent needs CAP_SYS_PTRACE or root to inject into processes), an attacker controlling a Java workload can set TMPDIR to escape chroot/container boundaries or point to a symlink that redirects file writes to critical host paths. The CVSS scope change (S:C) indicates container-to-host escape potential, consistent with typical Kubernetes/Docker deployments where instrumentation agents run privileged.
RemediationAI
Upgrade to OpenTelemetry eBPF Instrumentation version 0.8.0 or later, which implements input validation for TMPDIR and safe file creation semantics to prevent path traversal (vendor-released patch confirmed at https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/releases/tag/v0.8.0). For environments unable to upgrade immediately, disable Java agent injection if not operationally required, accepting loss of automatic Java instrumentation until patching is possible. Alternatively, run OBI with minimal privileges using capability-based restrictions (drop all capabilities except CAP_SYS_PTRACE) rather than full root, though this may not fully mitigate the vulnerability if the injector still has write access to sensitive paths. Deploy container security policies (AppArmor, SELinux) restricting file write operations to specific directories, noting this adds operational complexity and may interfere with legitimate instrumentation functionality. Isolate untrusted workloads to dedicated nodes where OBI is not deployed, accepting reduced observability coverage for high-risk applications. Review audit logs for suspicious TMPDIR values or unexpected file creation patterns in /proc/[pid]/environ of injected Java processes.
Oracle Java SE 7 Update 6 and earlier contains multiple sandbox bypass vulnerabilities via the ClassFinder and forName m
Remote code execution in IBM Sterling B2B Integrator, Sterling Integrator, and Tivoli Common Reporting allows unauthenti
Java Runtime Environment sandbox bypass via incorrect image channel verification in 2D component allows remote unauthent
Oracle Java SE JDK/JRE 7 and 6 Update 27 and earlier allows remote code execution with complete system compromise throug
JBoss Seam 2 in Red Hat JBoss EAP 4.3.0 fails to sanitize JBoss Expression Language inputs, allowing remote attackers to
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 up
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Up
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allow
Remote unauthenticated attackers can execute arbitrary code on Adobe ColdFusion servers through Java deserialization fla
The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25620
GHSA-8gmg-3w2q-65f4