EIP-2026-100006

PRE-CVE

AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Local Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100006. PoCs published by Last Stage of Delirium.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in the AIX printing subsystem's 'piomkapqd' utility, allowing local privilege escalation to the 'printq' group. It uses a crafted environment variable to overwrite the return address and execute shellcode that calls setregid() to gain elevated privileges.

Description

AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Local Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by Last Stage of Delirium · clocalaix

https://www.exploit-db.com/exploits/21094

View Code ZIP pw:eip

This exploit targets a stack-based buffer overflow in the AIX printing subsystem's 'piomkapqd' utility, allowing local privilege escalation to the 'printq' group. It uses a crafted environment variable to overwrite the return address and execute shellcode that calls setregid() to gain elevated privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: AIX 4.2, 4.3, 4.3.3 (piomkapqd utility)

No auth needed

Prerequisites: Local access to an AIX system with vulnerable piomkapqd · Ability to execute binaries

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1555 - Credentials from Password Stores

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026