Researchers have disclosed GhostLock (CVE-2026-43499), a Linux kernel local privilege escalation vulnerability in the rtmutex subsystem that reportedly dates back to 2011. The flaw stems from a use-after-free condition caused by a dangling pointer during proxy-lock rollback and can be leveraged for root privilege escalation and container escape on vulnerable systems.
You must log in or # to comment.
Already solved in linux-6.12.86-1 (debian stable)



