OpenBSD has a use-after-free allowing local privilege escalation to root

linggen1 pts0 comments

NVD - cve-2026-57589

Official websites use .gov

A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS

A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

NVD

Vulnerabilities

CVE-2026-57589<br>Detail

Awaiting Enrichment

This CVE record has been marked for NVD enrichment efforts.

Description

sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in sys_semget().

Metrics

&ensp;

CVSS Version 4.0

CVSS Version 3.x

CVSS Version 2.0

NVD enrichment efforts reference publicly available information to associate<br>vector strings. CVSS information contributed by other sources is also<br>displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment<br>not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base<br>Score: N/A

NVD assessment<br>not yet provided.

CNA: MITRE

Base<br>Score: 7.4 HIGH

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H<br>CVSS v3.1 Severity and Metrics: Base Score: 7.4 HIGH Vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Impact Score: 5.9 Exploitability Score: 1.4 Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None Scope (S): Unchanged Confidentiality (C): High Integrity (I): High Availability (A): High "/>

-->

-->

CVSS 2.0 Severity and Vector Strings:

NIST: NVD

Base<br>Score: N/A

NVD assessment<br>not yet provided.

-->

-->

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace.<br>We have provided these links to other web sites because they<br>may have information that would be of interest to you. No<br>inferences should be drawn on account of other sites being<br>referenced, or not, from this page. There may be other web<br>sites that are more appropriate for your purpose. NIST does<br>not necessarily endorse the views expressed, or concur with<br>the facts presented on these sites. Further, NIST does not<br>endorse any commercial products that may be mentioned on<br>these sites. Please address comments about this page to [email protected].

URL<br>Source(s)<br>Tag(s)

https://github.com/openbsd/src/commit/1957873d2063db11dab780eca75b5e629d1e838d

MITRE

https://openai.com/index/patch-the-planet/

MITRE

Weakness Enumeration

CWE-ID<br>CWE Name<br>Source

CWE-416

Use After Free

MITRE

Change History

3 change records found show changes

CVE Modified by CISA-ADP<br>6/26/2026 1:16:31 AM

Action<br>Type<br>Old Value<br>New Value

Changed<br>SSVC

{"timestamp":"2026-06-25T12:34:51.474289Z","id":"CVE-2026-57589","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}

{"timestamp":"2026-06-25T00:00:00+00:00","id":"CVE-2026-57589","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}

CVE Modified by CISA-ADP<br>6/25/2026 9:16:49 AM

Action<br>Type<br>Old Value<br>New Value

Added<br>SSVC

{"timestamp":"2026-06-25T12:34:51.474289Z","id":"CVE-2026-57589","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}

New CVE Received from MITRE<br>6/24/2026 9:16:26 PM

Action<br>Type<br>Old Value<br>New Value

Added<br>Description

sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in sys_semget().

Added<br>CVSS V3.1

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Added<br>CWE

CWE-416

Added<br>Reference

https://github.com/openbsd/src/commit/1957873d2063db11dab780eca75b5e629d1e838d

Added<br>Reference

https://openai.com/index/patch-the-planet/

Added<br>Affected

[{"vendor":"OpenBSD","product":"OpenBSD","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"7.9","versionType":"custom","status":"affected"}]}]

Quick Info

CVE Dictionary Entry:<br>CVE-2026-57589<br>NVD<br>Published Date:<br>06/24/2026<br>NVD<br>Last Modified:<br>06/26/2026

Source:<br>MITRE

cvss after openbsd version vector added

Related Articles