Уязвимость GhostLock существует с 2011 года и затрагивает основные дистрибутивы Linux
Researchers from Nebula Security have revealed a long-standing vulnerability named GhostLock (CVE-2026-43499) in the Linux kernel that has been present since 2011. This flaw enables an unprivileged local user to escalate privileges to root and escape from containers. The issue stems from a logic error in the rtmutex subsystem, specifically within the remove_waiter() function, leading to a use-after-free condition during futex_requeue() rollback scenarios. An exploit was developed and successfully tested with a high success rate of 97%, requiring no special permissions or network access. A patch was included in the kernel in April 2026, but due to a regression introduced by the initial fix (CVE-2026-53166), administrators are advised to update to the latest stable kernel version for full protection.