Skip to main content

Oracle DTrace EUVDEUVD-2026-26700

| CVE-2026-21996 LOW
Divide By Zero (CWE-369)
2026-05-01 secalert_us@oracle.com
3.3
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.3 LOW
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

4
Analysis Generated
May 01, 2026 - 18:30 vuln.today
EUVD ID Assigned
May 01, 2026 - 18:22 euvd
EUVD-2026-26700
Analysis Generated
May 01, 2026 - 18:22 vuln.today
CVE Published
May 01, 2026 - 18:16 nvd
LOW 3.3

DescriptionCVE.org

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab()

AnalysisAI

DTrace process can be reliably crashed by unprivileged local attackers via a malicious ELF binary that triggers an integer divide-by-zero condition in the Pbuild_file_symtab() function, causing denial of service. CVSS 3.3 (low severity) reflects local-only attack vector and low privileges required, though the reliable crash mechanism and low exploitation complexity may elevate practical risk in multi-tenant or shared-system environments.

Technical ContextAI

DTrace (Dynamic Tracing) is Oracle's system tracing framework that analyzes kernel and application behavior in real-time. The vulnerability exists in the Pbuild_file_symtab() function, which is responsible for constructing symbol table information from ELF (Executable and Linkable Format) binaries during trace processing. An integer divide-by-zero condition is a type of arithmetic error (CWE-369) that occurs when code attempts division by zero, typically in symbol table field calculations such as dividing by section size, entry count, or alignment values parsed from a malformed ELF header or section. When a crafted ELF binary with anomalous section metadata is presented to DTrace, the unchecked division operation causes an immediate process crash rather than graceful error handling.

RemediationAI

Apply the security patch released by Oracle for this CVE; the specific patched version is not provided in available references - consult https://linux.oracle.com/cve/CVE-2026-21996.html for the exact version number. As an interim mitigation pending patch deployment, restrict execution permissions and file system access for unprivileged users to prevent them from loading or analyzing untrusted ELF binaries via DTrace; this reduces the attack surface by limiting the number of users who can trigger the vulnerable code path. Additionally, disable DTrace functionality entirely on systems where dynamic tracing is not required for operations, or run DTrace only with fully trusted binaries in controlled environments. Be aware that file permission restrictions may impact legitimate debugging or monitoring workflows, requiring operational changes.

Share

EUVD-2026-26700 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy