OpenTelemetry eBPF Instrumentation contains a buffer mis‑management flaw where a 256‑byte backup buffer is used while preserving an original payload size of up to 8KB. When a CPU mismatch occurs, a fallback path can read beyond the intended buffer and leak adjacent memory into telemetry streams, constituting an out‑of‑bounds read that could expose sensitive data captured by eBPF probes. Based on the description, it is inferred that the leaked memory may include sensitive telemetry information.

OpenTelemetry, product OpenTelemetry eBPF Instrumentation. All releases before version 0.9.0, including v0.8.x and earlier, are vulnerable. Users who have deployed any older version in their production environment should assess whether their eBPF instrumentation is exposed to CPU mismatches.

The vulnerability scores a CVSS of 5.9, indicating medium severity. No EPSS score is available and the issue is not listed in the CISA KEV catalog, so its exploitation probability is currently unknown. The bug requires the ability to trigger the fallback path, which typically involves local or privileged access to the kernel eBPF subsystem. While the exploit surface is limited, the potential impact of leaking arbitrary memory makes it a concern for systems that collect sensitive telemetry data. Based on the description, it is inferred that an attacker would need to observe or create a CPU mismatch condition to activate the vulnerable path.