Skip to main content

Inspektor Gadget CVE-2026-44778

LOW
Improper Input Validation (CWE-20)
2026-06-22 https://github.com/inspektor-gadget/inspektor-gadget GHSA-7cfq-5mhv-jrp9

Severity by source

vuln.today AI
5.6 MEDIUM

Container code execution required (AV:L, PR:L); specific custom USDT gadget prerequisite raises AC:H; crash of privileged host process is a scope change (S:C) with high availability impact (A:H) and no C/I impact.

3.1 AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
4.0 AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 22, 2026 - 21:21 vuln.today
Analysis Generated
Jun 22, 2026 - 21:21 vuln.today

DescriptionCVE.org

Summary

A malicious container can crash or destabilize the privileged Inspektor Gadget process when a gadget using USDT probes is deployed. The vulnerability is in the USDT note parser (pkg/uprobetracer/usdt.go) which is invoked when a gadget with a SEC("usdt/...") section attaches to a target binary. An unprivileged process can place a crafted ELF binary at the expected library path, triggering one of two attack vectors:

  1. Panic (immediate crash): A stapsdt note with a small DescSize causes an out-of-bounds slice access, panicking the IG process.
  2. Memory exhaustion (OOM kill): A stapsdt note with a very large NameSize or DescSize causes IG to allocate up to ~4 GiB of memory, which can killnthe process if deployed with memory restrictions (e.g., cgroup limits).

Important: The vulnerability is only triggered when running a gadget that uses USDT probes (i.e., contains a SEC("usdt/...") eBPF section). No gadget shipped by the Inspektor Gadget project uses USDT today. Users who deploy their own custom USDT gadgets are affected.

Severity

Low - Denial of Service (process crash or OOM) of a privileged host process, triggered by an unprivileged container. The vulnerable code path is only reached when a gadget using USDT probes is deployed. No such gadget is shipped by the Inspektor Gadget project; only users running custom USDT gadgets are affected.

  • Attack vector: An unprivileged process in a container places a crafted ELF file at a path that a USDT gadget targets (e.g., a library name resolved via the container's ld cache). When the gadget attaches, IG parses the malicious ELF and crashes.
  • Impact: The IG process panics and crashes (vector 1) or is OOM-killed (vector 2). This is a DoS against the monitoring infrastructure, not a code execution or privilege escalation vulnerability.
  • Affected component: pkg/uprobetracer/usdt.go, function getUsdtInfo()
  • Prerequisites: A gadget with a SEC("usdt/...") eBPF section must be running and configured to attach to a library inside the attacker's container.

No shipped gadgets use USDT probes, so this only affects deployments with custom USDT gadgets.

Affected Versions

All versions of Inspektor Gadget that include USDT support in pkg/uprobetracer/usdt.go, starting from v0.28.0 (commit 7ee5e7a90 "pkg/uprobetracer: support USDT trace points").

Root Cause

Vector 1: Out-of-bounds slice access (panic)

In pkg/uprobetracer/usdt.go, the function getUsdtInfo() parses stapsdt notes from an ELF file's .note.stapsdt section. When a matching note is found (name "stapsdt\0" and type 3), it reads three address fields from the note descriptor:

go
// usdt.go lines 137-139
elfLocation := elfReader.ByteOrder.Uint64(desc[:wordSize])
elfBase := elfReader.ByteOrder.Uint64(desc[wordSize : 2*wordSize])
elfSemaphore := elfReader.ByteOrder.Uint64(desc[2*wordSize : 3*wordSize])

For a 64-bit ELF, wordSize = 8, so this requires desc to be at least 24 bytes. However, desc is allocated based on the note's DescSize field from the ELF file:

go
desc := make([]byte, alignUp(uint64(header.DescSize), 4))

A crafted ELF with DescSize = 1 produces a 4-byte desc buffer. The expression desc[:8] then panics with:

panic: runtime error: slice bounds out of range [:8] with capacity 4

Vector 2: Unbounded memory allocation (OOM)

The NameSize and DescSize fields from the note header are used directly to allocate memory without any upper bound:

go
name := make([]byte, alignUp(uint64(header.NameSize), 4))
desc := make([]byte, alignUp(uint64(header.DescSize), 4))

A crafted ELF with NameSize = 0xFFFFFFFF would attempt to allocate ~4 GiB of memory. Under cgroup memory limits (common in Kubernetes deployments), this triggers an OOM kill of the IG process.

Vector 3: Missing panic recovery for debug/elf

Go's debug/elf package is not hardened against adversarial inputs and may panic on malformed ELF headers. The cilium/ebpf library addresses this with its SafeELFFile wrapper that uses recover(), but getUsdtInfo() calls elf.NewFile() directly without any panic recovery.

Fix

The fix (3 changes in pkg/uprobetracer/usdt.go):

  1. Bounds check on descriptor size: Validate len(desc) >= 3*wordSize before accessing the address fields. Reject malformed notes with an error instead of panicking.
  2. Cap allocation sizes: Limit NameSize and DescSize to a reasonable maximum (1 MiB) before allocating memory, preventing DoS via memory exhaustion. There is no standard upper bound for ELF note fields; 1 MiB is a generous arbitrary cap - legitimate USDT notes are typically under 1 KB.
  3. Panic recovery: Wrap getUsdtInfo() with defer/recover to catch any panics from debug/elf on malformed input, converting them to errors.

Related

  • Go debug/elf known issues: https://github.com/golang/go/issues?q=is%3Aissue+is%3Aopen+debug%2Felf+in%3Atitle
  • cilium/ebpf SafeELFFile wrapper: https://github.com/cilium/ebpf/blob/main/internal/safeelf.go - uses recover() around all debug/elf operations for exactly this reason.

AnalysisAI

Denial of service in Inspektor Gadget's USDT note parser (pkg/uprobetracer/usdt.go) allows an unprivileged container process to crash or OOM-kill the privileged IG host process by placing a crafted ELF binary at a path targeted by a custom USDT gadget. Two distinct attack vectors exist: a panic from out-of-bounds slice access when DescSize is artificially small, and unbounded memory allocation (~4 GiB) when NameSize or DescSize is set to 0xFFFFFFFF. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain unprivileged execution inside target container
Delivery
Identify library path targeted by active USDT gadget
Exploit
Place crafted ELF with malicious DescSize/NameSize at targeted path
Execution
IG calls getUsdtInfo() on crafted ELF during probe attachment
Persist
Out-of-bounds slice access panics IG process or 4 GiB allocation triggers OOM kill
Impact
Inspektor Gadget host monitoring process crashes

Vulnerability AssessmentAI

Exploitation Exploitation requires two specific non-default conditions to be simultaneously true: (1) a custom USDT gadget containing a SEC("usdt/...") eBPF section must be actively deployed and running - no gadget shipped by Inspektor Gadget uses USDT, making the overwhelming majority of deployments completely unexposed; and (2) the attacker must have unprivileged code execution inside a container whose library paths are targeted by the running USDT gadget, enabling placement of a crafted ELF file at the resolved library path. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment No NVD CVSS vector was published for this CVE; the vendor self-rates severity as Low. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with unprivileged code execution inside a Kubernetes container creates a crafted ELF binary (e.g., a fake shared library named to match a target like libfoo.so.1) and places it at the path that the running USDT gadget will resolve via the container's ld.so cache. When the Inspektor Gadget process attaches its USDT probes to the container's binary, it calls getUsdtInfo() on the malicious ELF, which either immediately panics due to out-of-bounds slice access (DescSize=1 vector) or triggers an OOM kill by allocating ~4 GiB (DescSize=0xFFFFFFFF vector), crashing the privileged IG monitoring process on the host. …
Remediation Vendor-released patch: v0.53.1. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2025-1974 CRITICAL POC
9.8 Mar 25

A critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access

CVE-2026-45321 CRITICAL POC
9.6 May 12

Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio

CVE-2025-1098 HIGH POC
8.8 Mar 25

Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress

CVE-2025-24514 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres

CVE-2025-1097 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c

CVE-2020-8554 MEDIUM POC
6.3 Jan 21

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter

CVE-2025-55190 CRITICAL POC
9.9 Sep 04

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne

CVE-2018-18843 CRITICAL POC
10.0 Dec 04

The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4

CVE-2026-22039 CRITICAL POC
9.9 Jan 27

Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass

CVE-2024-42480 CRITICAL POC
9.9 Aug 12

Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem

CVE-2023-28110 CRITICAL POC
9.9 Mar 16

Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref

CVE-2026-25996 CRITICAL POC
9.8 Feb 12

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter

Share

CVE-2026-44778 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy