Nebula Security has identified a critical vulnerability, known as GhostLock (CVE-2026-43499), in the Linux kernel that has persisted for over 15 years, allowing any logged-in user to gain root access on unpatched systems. This flaw, which has been present in nearly all mainstream distributions since 2011, was reported by SecurityWeek and The Hacker News.
Details of the Vulnerability
The GhostLock vulnerability is categorized as a use-after-free bug, which means it can be exploited without the need for special permissions or network access. Nebula published exploit code that demonstrated a 97% reliability rate in testing. The flaw was fixed in April 2026, but patch availability remains inconsistent across various distributions.
As of early July, Ubuntu still listed several versions, including 24.04, 22.04, and 20.04 LTS, as vulnerable or in progress. Users are urged to verify the presence of the fixed package rather than assuming it has been automatically updated.
AI's Role in Discovering the Flaw
Notably, Nebula utilized its AI-driven bug-hunting tool, VEGA, to uncover this longstanding issue. This discovery is part of a broader trend where automated tools are surfacing privilege-escalation flaws in old kernel code that had not been revisited in years. The identification of GhostLock earned Nebula a payout of $92,337 through Google’s kernelCTF program.
Implications for Users and Developers
The persistence of such vulnerabilities highlights the need for continuous monitoring and updating of software systems. Users and developers are encouraged to stay informed about security patches and to implement them promptly to mitigate risks.
- Vulnerability: GhostLock (CVE-2026-43499)
- Discovered by: Nebula Security
- Payout: $92,337
- Patch Availability: Inconsistent across distributions
- Reliability Rate: 97% in testing
🤖 This article was rewritten by Feed and Figures' editorial AI from a report originally published by Wired. Facts and quotes are preserved from the original; the rewrite focuses on clarity and structure. For the unedited original, see the source link below.