CVE-2026-21996
Analyzed Analyzed - Analysis Complete

Integer Divide-by-Zero in DTrace

Vulnerability report for CVE-2026-21996, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-05-01

Last updated on: 2026-05-05

Assigner: Oracle

Description

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab()

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-05-01
Last Modified
2026-05-05
Generated
2026-07-06
AI Q&A
2026-05-01
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
oracle linux 8
oracle linux 10
oracle linux 9

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-369 The product divides a value by zero.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability allows an unprivileged attacker to cause the dtrace process to crash by using a specially crafted malicious ELF binary. The root cause is an integer Divide-by-Zero error in the function Pbuild_file_symtab().

Impact Analysis

The impact of this vulnerability is a denial of service condition where the dtrace process can be reliably crashed by an attacker with low privileges. This could disrupt system monitoring or diagnostic activities that rely on dtrace.

Compliance Impact

This vulnerability allows an unprivileged attacker to crash the dtrace process, impacting availability but not confidentiality or integrity.

Since there is no reported impact on confidentiality or integrity of data, the vulnerability is unlikely to directly affect compliance with standards such as GDPR or HIPAA, which primarily focus on protecting data privacy and integrity.

However, the availability impact could have indirect implications if the affected systems are critical for compliance-related operations, but no specific compliance impact is detailed.

Detection Guidance

This vulnerability involves an unprivileged attacker triggering a crash of the dtrace process by providing a malicious ELF binary that causes an integer divide-by-zero error in the Pbuild_file_symtab() function.

Detection would involve monitoring for crashes or abnormal termination of the dtrace process when processing ELF binaries locally.

No specific detection commands or network-based detection methods are provided in the available information.

Mitigation Strategies

To mitigate this vulnerability, it is recommended to apply the errata fixes released by Oracle for Oracle Linux versions 8, 9, and 10.

  • Install the updates corresponding to ELSA-2026-50249, ELSA-2026-50250, and ELSA-2026-50251.
  • Restrict unprivileged users from executing or providing malicious ELF binaries to the dtrace process until patches are applied.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-21996. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart