ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
CRITICAL Vulnerabilities

GhostLock Linux kernel bug (CVE-2026-43499) enables root and escape

Source headline: 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros

Threat level Critical
Signal strength 90/100
Source confidence 1 source
Published 2 hours ago

Intelligence Summary

Nebula Security disclosed GhostLock (CVE-2026-43499), a long-standing Linux kernel flaw affecting many mainstream distributions. Any logged-in local user can exploit it to gain full root privileges on an unpatched system. The vulnerability also enables container escape, expanding impact beyond a single environment. Researchers note the affected code has been present in default builds for many years. Administrators should patch immediately and verify systems are running fixed kernel versions.

Recommended Action

Prioritize immediate review, validate exposure, and patch or mitigate affected systems.

Topics

#privilege-escalation #linux #kernel #local-exploit #container-escape #cve-2026-43499
Original reporting The Hacker News 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros
Open original source