importantSYS.SOURCE: The Hacker News• 2026-07-08T11:46:44+05:30
15-Year-Old Linux Kernel Vulnerability Allows Root Access and Container Escape
#Linux#Kernel Security#Container Security#Privilege Escalation#Vulnerability
A 15-year-old Linux kernel vulnerability (CVE-2026-43499) allows local users to gain root access and escape containers on most Linux distributions. The flaw, discovered by Nebula Security, has been patched but remains unpatched in many systems, with working exploit code publicly available.
Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control of a machine that has not been patched.
The vulnerable code has shipped by default in essentially every mainstream distribution since 2011. The flaw needs no special permission, no unusual settings, and no network
*** END OF TRANSMISSION ***