CVE-2026-10722

Summary

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The name of the patch is 533dfc82fd228bfadf42ea7180c39de7d9af47fa. A patch should be applied to remediate this issue.

Affected Software

VendorProductVersion RangeStatus
ciliumebpf0.1affected
ciliumebpf0.2affected
ciliumebpf0.3affected
ciliumebpf0.4affected
ciliumebpf0.5affected
ciliumebpf0.6affected
ciliumebpf0.7affected
ciliumebpf0.8affected
ciliumebpf0.9affected
ciliumebpf0.10affected
ciliumebpf0.11affected
ciliumebpf0.12affected
ciliumebpf0.13affected
ciliumebpf0.14affected
ciliumebpf0.15affected
ciliumebpf0.16affected
ciliumebpf0.17affected
ciliumebpf0.18affected
ciliumebpf0.19affected
ciliumebpf0.20affected
ciliumebpf0.21.0affected

Weaknesses

  • CWE-190: Integer Overflow
  • CWE-189: Numeric Error

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References