Researchers have disclosed GhostLock (CVE-2026-43499), a Linux kernel local privilege escalation vulnerability in the rtmutex subsystem that reportedly dates back to 2011. The flaw stems from a use-after-free condition caused by a dangling pointer during proxy-lock rollback and can be leveraged for root privilege escalation and container escape on vulnerable systems.