Moderate severity · NVD Advisory · Published Feb 12, 2026 · Updated Feb 12, 2026

Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode

CVE-2026-25996

Description

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences. Therefore, a maliciously forged – partially or completely – event payload, coming from an observed container, might inject the escape sequences into the terminal of ig operators, with various effects. The columns output mode is the default when running ig run interactively.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Inspektor Gadget's columns output mode does not sanitize ANSI escape sequences in string fields from eBPF events, allowing an attacker inside an observed container to inject escape sequences into the operator's terminal.

Vulnerability Description

CVE-2026-25996 is a terminal injection vulnerability in Inspektor Gadget, a data collection and system inspection framework for Kubernetes and Linux that uses eBPF. When running in columns output mode (the default interactive mode), string fields from eBPF events are rendered directly to the terminal without sanitizing control characters or ANSI escape sequences [1][3]. This allows a malicious container to craft eBPF event payloads containing escape sequences that will be executed or displayed in the terminal of the ig operator [1][3].

Attack Vector and Prerequisites

To exploit this vulnerability, an attacker must have the ability to execute code within a container that is being monitored by Inspektor Gadget. The provided proof-of-concept (PoC) [3] demonstrates this by running a container that opens files with names containing ANSI escape sequences (e.g., `\x1b[1A` to move the cursor up). When the `trace_open` gadget logs the file path to the operator's terminal, the escape sequence manipulates the terminal display, effectively overwriting or hiding previous log entries [3]. No special privileges or network access are required beyond container execution; the attack succeeds whenever `ig` is run with columns output and the malicious container is observed [1][3].

Impact

Successful exploitation can lead to log injection, where the attacker can hide malicious actions (e.g., reading /etc/shadow) by overwriting the corresponding terminal lines with benign-looking entries [3]. Depending on the injected sequences, an attacker might also execute arbitrary terminal commands, read sensitive information displayed on the operator's screen, or perform denial-of-service via terminal escape codes [3]. The impact is limited to the operator's terminal session and does not directly compromise the host or Kubernetes cluster, but it can significantly reduce the reliability of monitoring and enable evasion of detection [1][3].

Mitigation

The issue is addressed in Inspektor Gadget release v0.49.1 [4]. Users should upgrade to this version or later, which sanitizes eBPF event output to strip or escape control characters. If immediate upgrading is not possible, users can avoid using columns output mode or run ig in non-interactive pipelines; however, the safest mitigation is to apply the patch [3][4].

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| github.com/inspektor-gadget/inspektor-gadget | Go | < 0.49.1 | 0.49.1 |

Patches

d59cf72971f9

pkg: columns: Escape strings before printing them.

1 file changed · +6 -0
  • pkg/columns/formatter/textcolumns/output.go (+6 -0, modified)
    @@ -17,6 +17,7 @@ package textcolumns
     import (
     	"bytes"
     	"io"
    +	"strconv"
     	"strings"
     
     	"github.com/inspektor-gadget/inspektor-gadget/pkg/columns"
    @@ -36,6 +37,11 @@ func (tf *TextColumnsFormatter[T]) buildFixedString(s string, length int, ellips
     		return ""
     	}
     
    +	// Escape the string to avoid the terminal to interpret escape sequence when
    +	// printing and remove first and last character as they are quotes added by
    +	// strconv.Quote().
    +	s = strconv.Quote(s)
    +	s = s[1 : len(s)-1]
     	if !tf.options.ShouldTruncate {
     		return s
     	}
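
Review bot: `strconv.Quote(s)` in `buildFixedString` also rewrites printable `"` and `\` as `\"` and `\\`, so fields that legitimately contain quotes or backslashes now render differently from the event data; either escape only non-printable runes or state in the comment that the Go-literal form is the intended display format. The escaping runs before the `ShouldTruncate` branch, so any truncation that follows can cut an escape such as `\x1b` partway, which is harmless to the terminal but ambiguous to read. The commit touches one file and adds no test; a case that feeds a string containing an ESC byte through the formatter would pin the behaviour.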
    

Vulnerability mechanics

Root cause

"Missing sanitization of control characters and ANSI escape sequences in string fields from eBPF events when rendering columns output to the terminal."

Attack vector

An attacker who can control eBPF event payloads (e.g., by crafting file names or other string fields from within an observed container) can inject ANSI escape sequences into the terminal output. When `ig` runs in columns output mode (the default for interactive use), the `buildFixedString` function in `pkg/columns/formatter/textcolumns/output.go` writes strings directly to the terminal without sanitization [patch_id=32727]. The attacker's escape sequences can overwrite, hide, or alter previously displayed lines, potentially concealing malicious activity from the operator.

Affected code

The vulnerability is in `pkg/columns/formatter/textcolumns/output.go` in the `buildFixedString` function. This function formats string columns for terminal output without sanitizing control characters or ANSI escape sequences [patch_id=32727]. The columns output mode is the default when running `ig` interactively.

What the fix does

The patch adds a call to `strconv.Quote()` on the string before printing, which escapes control characters and ANSI escape sequences into their printable Go literal forms (e.g., `\x1b`). The first and last characters (the quotes added by `strconv.Quote()`) are then stripped to preserve the original string's appearance while neutralizing any embedded escape sequences [patch_id=32727]. This prevents the terminal from interpreting injected escape sequences, ensuring the output faithfully represents the actual event data.
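
The effect of this escaping on a few field values, as an added Go example that is not Inspektor Gadget's own code. `escapeField` and `hasControl` are hypothetical helper names and the sample strings are constructed; the example also shows that printable quotes and backslashes are rewritten.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
	"unicode"
)

// escapeField applies the same idea as the patch: strconv.Quote rewrites
// non-printable bytes as Go escape literals, and the two quote characters
// it adds are dropped. The function name is hypothetical.
func escapeField(s string) string {
	q := strconv.Quote(s)
	return q[1 : len(q)-1]
}

// hasControl reports whether s contains a control character (C0, DEL or
// C1), i.e. something a terminal may act on instead of displaying.
func hasControl(s string) bool {
	return strings.IndexFunc(s, unicode.IsControl) >= 0
}

// Constructed sample field values, not captured from a real gadget run.
var samples = []string{
	"/etc/hostname",      // ordinary path: unchanged
	"/tmp/a\x1b[1Ab",     // cursor-up sequence mentioned in the advisory
	"line1\nline2\tcol",  // newline and tab would break the column layout
	`say "hi" in C:\tmp`, // printable, but Quote also escapes " and \
	"caf\u00e9",          // printable non-ASCII: unchanged
}

func main() {
	for _, raw := range samples {
		out := escapeField(raw)
		// %q keeps this demo itself from writing raw control bytes.
		fmt.Printf("raw=%q control=%-5v rendered=%s control=%v\n",
			raw, hasControl(raw), out, hasControl(out))
	}
}
```
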

Preconditions

  • input: Attacker must be able to control a string field in an eBPF event (e.g., file name, path) from within an observed container.
  • config: The `ig` operator must be running in columns output mode (the default for interactive use).

Generated on May 18, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

5
