CVE-2026-21996 PUBLISHED

Assigner: oracle
Reserved: 05.01.2026 Published: 01.05.2026 Updated: 01.05.2026

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab()

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVSS Score: 3.3

Attack Vector	Local	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	None
Privileges Required	Low	Integrity Impact	None
User Interaction	None	Availability Impact	Low

CVSS 3.1

Product Status

Vendor	Oracle Corporation
Product	Oracle Linux
Versions	Version 8 is affected Version 9 is affected Version 10 is affected

References

Oracle Advisory

Problem Types

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab() text