ShellCodeX Intelligence Brief
CRITICAL
Vulnerabilities
GhostLock Linux kernel bug (CVE-2026-43499) enables root and escape
Source headline: 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros
Threat level
Critical
Signal strength
90/100
Source confidence
1 source
Published
2 hours ago
Intelligence Summary
Nebula Security disclosed GhostLock (CVE-2026-43499), a long-standing Linux kernel flaw affecting many mainstream distributions. Any logged-in local user can exploit it to gain full root privileges on an unpatched system. The vulnerability also enables container escape, expanding impact beyond a single environment. Researchers note the affected code has been present in default builds for many years. Administrators should patch immediately and verify systems are running fixed kernel versions.
Recommended Action
Prioritize immediate review, validate exposure, and patch or mitigate affected systems.
Topics
Original reporting
The Hacker News
15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros
Open original source