🔴 Critical | Source: The Hacker News
A 15-year-old Linux kernel vulnerability, dubbed GhostLock (CVE-2026-43499), allows any locally authenticated user to gain full root privileges and escape container boundaries without requiring special permissions or unusual configurations. The flaw has been present by default in virtually every mainstream Linux distribution since 2011, making the potential attack surface enormous. Because no network access is needed, the risk is particularly acute in multi-tenant environments such as shared cloud instances and Kubernetes nodes.
Security Architect’s Take: Prioritise patching all Linux-based cloud workloads immediately, focusing first on multi-tenant systems, Kubernetes nodes, and any instances where multiple users or processes share the same host — apply vendor-supplied kernel patches and verify container runtime isolation is not solely relied upon as a compensating control.
Original advisory: 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros