CNNVD-202602-2076 Information
CNNVD ID
CNNVD-202602-2076
Related CVE
- CNNVD Published: 2026-02-12
Description (Chinese)
Inspektor Gadget是Inspektor Gadget公司的一套基于 eBPF 的工具和框架。 Inspektor Gadget存在安全漏洞,该漏洞源于列输出模式下,来自eBPF事件的字符串字段在渲染到终端时未清理控制字符或ANSI转义序列,可能导致恶意事件有效载荷注入转义序列。
Description (English)
Inspektor Gadget is an eBPF-based tool and framework for Inspektor Gadget. Inspektor Gadget has a security loophole, which arises from column output mode, when a string field from an eBPF event does not clean up a control character or ANSI transliteration sequence when rendering to the terminal, which may result in a malicious event payload being injected into a transliteration sequence.
Vulnerability Type
其他
Affected Vendor
Inspektor Gadget
Published
2026-02-12
Last Modified
2026-02-24
References
https://github.com/inspektor-gadget/inspektor-gadget/commit/d59cf72971f9b7110d9c179dc8ae8b7a11dbd6d2 https://github.com/inspektor-gadget/inspektor-gadget/releases/tag/v0.49.1 https://github.com/inspektor-gadget/inspektor-gadget/security/advisories/GHSA-34r5-6j7w-235f
Patch
https://github.com/inspektor-gadget/inspektor-gadget/releases
Share on: