OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root (CVE-2026-57589)

31 points by fro 17 hours ago on lobsters | 4 comments

rw-rw-rw- | 5 hours ago

So lame, no catchy name nor a website for this LPE. ;-)

mdaniel | 3 hours ago

The 2nd link in the NVD record is "Patch the Planet" which is a tiny bit catchy, and it does have a website, although not for this one LPE in isolation

It will be interesting to find out if all this "AI findz ur vulns" will continue once the cost to run inference is no longer subsidized (and in this specific case I'd suspect the subsidies were extra because the money likely came out of the marketing budget)

LeahNeukirchen | 8 hours ago

No syspatch out yet?

classichasclass | 4 hours ago

I don't see it on the errata page yet.