Researchers at Nebula Security disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that can let a logged-in local user gain full root access on unpatched systems, and it can also escape containers. Nebula published working exploit code after turning the bug into a 97%-reliable root exploit, and it is also part of the IonStack chain with Firefox flaw CVE-2026-10702. #GhostLock #CVE-2026-43499 #NebulaSecurity #kernelCTF #IonStack #CVE-2026-10702
Keypoints
- GhostLock is a Linux kernel use-after-free flaw present since 2011.
- Any logged-in local user can exploit it to gain full root privileges.
- Nebula Security says the exploit is 97% reliable and can escape containers.
- Google awarded Nebula $92,337 through the kernelCTF bug-bounty program.
- The bug was fixed in April, but users should install fully updated kernel packages, not just the first patched build.
Read More: https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html