importantSYS.SOURCE: The Hacker News• 2026-07-08T11:46:44+05:30
Discovery of -Year-Old Linux Kernel Flaw (CVE--) Allows Root and Container Escape
#CVE--#Linux Kernel#Root Access#Container Escape#AI Security
A -year-old Linux kernel vulnerability, CVE--, enables local users to achieve root access and container escape through a use-after-free flaw. The flaw, discovered by Nebula Security via their AI tool VEGA, has been patched but remains a critical risk for unpatched systems.
Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control of a machine that has not been patched.
The vulnerable code has shipped by default in essentially every mainstream distribution since 2011. The flaw needs no special permission, no unusual settings, and no network
*** END OF TRANSMISSION ***