Critical use-after-free vulnerability in OpenBSD sysv_sem.c allows local privilege escalation to root (CVE-2026-57589)
By
linggen
Summary
A use-after-free vulnerability (CVE-2026-57589) has been discovered in the sys/kern/sysv_sem.c component of OpenBSD through version 7.9. The flaw allows local privilege escalation to root via a context switch use-after-free after tsleep in sys_semget().
Source

Key quotes
· 2 pulledsys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root.
This is a context switch use-after-free after tsleep in sys_semget().
You might also wanna read
Working Exploit Released for Linux Kernel Use-After-Free Flaw CVE-2026-23111 Enabling Local Root Access
Security researchers have released a working exploit for CVE-2026-23111, a Linux kernel use-after-free vulnerability in nf_tables. The flaw
hendryadrian.com·29d agoPrivilege Escalation via Page Use-After-Free in Qualcomm's QAIC Linux Kernel Driver
This security blog post details a privilege escalation vulnerability (page use-after-free) found in Qualcomm's QAIC (AI Accelerator) Linux K
Bad Epoll (CVE-2026-46242): Critical Linux Kernel Race Condition Enables Local Privilege Escalation to Root
A newly disclosed Linux kernel vulnerability (CVE-2026-46242) called "Bad Epoll" resides in the eventpoll subsystem, allowing any unprivileg
undercodetesting.com·4d agoCisco Unified CM Vulnerability (CVE-2026-20230, CVSS 8.6) Actively Exploited for Root Privilege Escalation
CVE-2026-20230 is a high-severity (CVSS 8.6) vulnerability in Cisco Unified CM involving improper HTTP input validation, enabling unauthenti
Microsoft acknowledges RoguePlanet zero-day exploit targeting Defender privilege escalation (CVE-2026-50656)
Microsoft has acknowledged a local elevation of privilege vulnerability (CVE-2026-50656) in Microsoft Defender, triggered via the "RoguePlan
CVE-2026-13117: Technical Analysis of OpenVPN tls-crypt-v2 Heap Use-After-Free Vulnerability
A detailed technical analysis of CVE-2026-13117, a critical heap use-after-free vulnerability in OpenVPN's tls-crypt-v2 mechanism. The vulne
undercodetesting.com·3d ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.