Primary

Context

Oracle Linux DTrace Process Denial-of-Service Vulnerability via Malicious ELF Binary

Vulnerability

A denial-of-service vulnerability has been identified in the DTrace process of Oracle Linux versions 8, 9, and 10. An unprivileged attacker can trigger a crash by using a malicious ELF binary, which causes an integer divide-by-zero error in the 'Pbuild_file_symtab()' function.

Impact

Exploitation of this vulnerability leads to a crash of the DTrace process, causing a denial-of-service condition.

Remediation

Users can apply the available patches by referencing the Oracle Linux Errata ELSA-2026-50249, ELSA-2026-50250, and ELSA-2026-50251.

Added: May 1, 2026, 6:21 PM

Updated: May 1, 2026, 6:21 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

3.5

remediation

7.7

relevance

7.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

3.5

remediation

7.7

relevance

7.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle Linux DTrace Process Denial-of-Service Vulnerability via Malicious ELF Binary

Vulnerability

Impact

Remediation

Affected Products

Oracle Linux

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating