CVE-2026-21991
published 2026-03-16CVE-2026-21991: A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names.
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | dtrace | < dtrace 2.0.6-1 (sid) | dtrace 2.0.6-1 (sid) |
| oracle | linux | — | — |
| oracle | linux | — | — |
| oracle | linux | — | — |
| oracle_corporation | oracle_linux | — | — |
| oracle_corporation | oracle_linux | — | — |
| oracle_corporation | oracle_linux | — | — |