Description
An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab()
Published: 2026-05-01
Score: 3.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An unprivileged attacker can cause the dtrace process to crash when executing a malicious ELF binary because of an integer divide‑by‑zero fault in the Pbuild_file_symtab() routine. The crash does not provide code execution or privilege escalation, but it can interrupt system monitoring and diagnostics and potentially affect system availability if dtrace is essential to operations.

Affected Systems

Oracle Linux systems are affected. The CVE does not specify exact release numbers, so any Oracle Linux package that includes dtrace and contains the vulnerable implementation may be impacted.

Risk and Exploitability

The vulnerability is low in severity with a CVSS score of 3.3 and no EPSS data, and it is not currently listed in CISA’s KEV catalog. The attack vector is likely local; an attacker only needs the ability to run the malicious ELF binary with unprivileged access. Exploitation results in a denial‑of‑service condition by crashing an essential system monitoring component.

Generated by OpenCVE AI on May 2, 2026 at 07:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any vendor‑provided patch or update for dtrace as soon as it becomes available.
  • If dtrace is not essential to your environment, disable or remove the dtrace service to eliminate the attack surface.
  • Restrict the ability of unprivileged users to execute arbitrary ELF binaries in critical directories or from untrusted sources.
  • Monitor system logs for dtrace crashes and verify that crashes do not affect critical workloads.

Advisories

No advisories yet.

History

Sat, 02 May 2026 07:15:00 +0000

Type | Values Removed | Values Added
Title | | dtrace Crash via Integer Divide‑by‑Zero in Pbuild_file_symtab

Fri, 01 May 2026 20:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Oracle; Oracle linux
Vendors & Products | | Oracle; Oracle linux

Fri, 01 May 2026 19:15:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-369
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 01 May 2026 18:15:00 +0000

Type | Values Removed | Values Added
Description | | An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab()
References | |
Metrics | | cvssV3_1: {'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L'}


MITRE

Status: PUBLISHED

Assigner: oracle

Published:

Updated: 2026-05-01T18:15:49.109Z

Reserved: 2026-01-05T18:07:34.722Z

Link: CVE-2026-21996

Vulnrichment

Updated: 2026-05-01T18:15:45.622Z

NVD

Status: Received

Published: 2026-05-01T18:16:13.750

Modified: 2026-05-01T19:16:29.517

Link: CVE-2026-21996

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-02T07:00:06Z

Weaknesses