CVE-2026-10722: cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow

Overview

Severity

Low (CVSS 3.3)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

Exploit Status

Not Exploited

Patch Tuesday

2026-Jun

Released

2026-06-07

Last Updated

2026-06-09

EPSS Score

0.01% (percentile: 2.5%)

Affected Products (9)

Open Source Software

• azl3 containerd2 2.2.4-2 on Azure Linux 3.0
• azl3 kata-containers 3.19.1.kata3-4 on Azure Linux 3.0
• azl3 kata-containers-cc 3.15.0.aks0-12 on Azure Linux 3.0
• azl3 kubernetes 1.30.10-25 on Azure Linux 3.0
• azl3 kubevirt 1.7.1-7 on Azure Linux 3.0
• azl3 moby-containerd-cc 1.7.7-13 on Azure Linux 3.0
• azl3 moby-engine 25.0.3-18 on Azure Linux 3.0
• azl3 runc 1.3.3-1 on Azure Linux 3.0

Mariner

• azl3 libcontainers-common 20240213-3 on Azure Linux 3.0

Revision History

• 2026-06-07: Information published.
• 2026-06-07: Information published.
• 2026-06-08: Information published.
• 2026-06-09: Information published.