GhostLock, a stack-UAF that has existed in ALL Linux distributions for 15 years

·Hacker News··

GhostLock (CVE-2026-43499) is a Linux kernel vulnerability found by VEGA that exists in every major distribution since 2011. Triggering the bug does not require any special kernel config or privilege. By turning it into a 97% stable privilege escalation and container escape, Google has rewarded us $92,337 in kernelCTF. This writeup covers the technical details of the exploit.

Read full article →

Related Articles

GPT-5.6 Sol Ultra produces proof of the Cycle Double Cover Conjecture [pdf]
scrlk · Hacker News · 7h ago
How the terrorist group Boko Haram uses frontier AI
imustachyou · Hacker News · 6h ago
QuadRF can spot drones and see WiFi through my wall
speckx · Hacker News · 9h ago
Snails' teeth beats spider silk as nature's strongest material (2015)
simonebrunozzi · Hacker News · 9h ago
The glass backbone: Why the Army's logistics will break in the next war
baud147258 · Hacker News · 1d ago