15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros

Read full story on The Hacker News
Share
15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros
AI disclosure

Summary

Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control of a machine that has not been patched. The vulnerable code has shipped by default in essentially every mainstream distribution since 2011. The flaw needs no special permission, no unusual settings, and no network

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.