All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Critical use-after-free vulnerability in OpenBSD sysv_sem.c allows local privilege escalation to root (CVE-2026-57589)

By

linggen

3h ago· 2 min readenNews

Summary

A use-after-free vulnerability (CVE-2026-57589) has been discovered in the sys/kern/sysv_sem.c component of OpenBSD through version 7.9. The flaw allows local privilege escalation to root via a context switch use-after-free after tsleep in sys_semget().

Source

Hacker NewsCritical use-after-free vulnerability in OpenBSD sysv_sem.c allows local privilege escalation to root (CVE-2026-57589)nvd.nist.gov

Key quotes

· 2 pulled
sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root.
This is a context switch use-after-free after tsleep in sys_semget().
Snippet from the RSS feed
sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in sys_semget().

You might also wanna read

Working Exploit Released for Linux Kernel Use-After-Free Flaw CVE-2026-23111 Enabling Local Root Access

Security researchers have released a working exploit for CVE-2026-23111, a Linux kernel use-after-free vulnerability in nf_tables. The flaw

hendryadrian.com·29d ago

Privilege Escalation via Page Use-After-Free in Qualcomm's QAIC Linux Kernel Driver

This security blog post details a privilege escalation vulnerability (page use-after-free) found in Qualcomm's QAIC (AI Accelerator) Linux K

lukasmaar.github.io·1mo ago

Bad Epoll (CVE-2026-46242): Critical Linux Kernel Race Condition Enables Local Privilege Escalation to Root

A newly disclosed Linux kernel vulnerability (CVE-2026-46242) called "Bad Epoll" resides in the eventpoll subsystem, allowing any unprivileg

undercodetesting.com·4d ago

Cisco Unified CM Vulnerability (CVE-2026-20230, CVSS 8.6) Actively Exploited for Root Privilege Escalation

CVE-2026-20230 is a high-severity (CVSS 8.6) vulnerability in Cisco Unified CM involving improper HTTP input validation, enabling unauthenti

briefly.co·14d ago

Microsoft acknowledges RoguePlanet zero-day exploit targeting Defender privilege escalation (CVE-2026-50656)

Microsoft has acknowledged a local elevation of privilege vulnerability (CVE-2026-50656) in Microsoft Defender, triggered via the "RoguePlan

helpnetsecurity.com·21d ago

CVE-2026-13117: Technical Analysis of OpenVPN tls-crypt-v2 Heap Use-After-Free Vulnerability

A detailed technical analysis of CVE-2026-13117, a critical heap use-after-free vulnerability in OpenVPN's tls-crypt-v2 mechanism. The vulne

undercodetesting.com·3d ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.