CVE Catalog

CVE-2026-0152

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.07%

0th percentile - higher than 0% of all known CVEs

Summary

In OSMMapPMRGeneric of pmr_os.c, there is a logic error that may allow maliciously expanding the VMA out of bounds via a system call. This could lead to local privilege escalation without the need for additional execution privileges.

Risk Assessment

The organization may be exposed to local privilege escalation, potentially leading to unauthorized access to the system and data.

Recommendation

It is recommended to review and fix the code to eliminate the logic error and implement appropriate safeguards to minimize the risk of privilege escalation.

Original NVD description (English source)

In OSMMapPMRGeneric of pmr_os.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS