I am preparing a 2.0.7 release that addresses these CVEs. It should be ready for upload in the next day or so (after testing).
On Sun, May 3, 2026 at 12:34 PM Moritz Mühlenhoff <[email protected]> wrote: > Source: dtrace > X-Debbugs-CC: [email protected] > Severity: important > Tags: security > > Hi, > > The following vulnerability was published for dtrace. > > CVE-2026-35233[0]: > | An unprivileged attacker can craft a user-space process with a > | malicious ELF binary containing an out-of-range sh_link field. When > | root-level dtrace attaches to -- or instruments -- that process (via > | dtrace -p , pid probes, or USDT), the ELF parser reads heap memory > | beyond the allocated section cache array without any bounds check. > | This results in an uninitialized/out-of-bounds heap read that can > | cause a NULL pointer dereference crash of the dtrace process (DoS), > | or -- depending on heap layout -- a read-then-use of a garbage > | pointer controlled by adjacent allocations, providing a foothold > | toward further exploitation in a privileged context. > > https://linux.oracle.com/cve/CVE-2026-35233.html > > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2026-35233 > https://www.cve.org/CVERecord?id=CVE-2026-35233 > > Please adjust the affected versions in the BTS as needed. >
