AI Uncovers 15-Year-Old Linux Kernel Privilege-Escalation Flaw
WIRED · July 11, 2026
curated by Heiko
Nebula Security's AI-driven bug-hunting tool VEGA discovered GhostLock (CVE-2026-43499), a use-after-free vulnerability lurking in the Linux kernel since 2011. The flaw grants any logged-in user root access on unpatched systems without special permissions. It affects all major distributions; Ubuntu 24.04, 22.04, and 20.04 LTS remain vulnerable. Patch coverage is uneven.
AI-generated summary (Heiko) · editorially responsible: J. Fuchs · How we use AI