Dossier
GhostLock
Coverage of GhostLock in the Nexus archive.
- 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros
Researchers at Nebula Security disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw enabling any logged-in user to gain root control on unpatched systems. The vulnerability has existed in default code across most mainstream Linux distributions since 2011 and requires no special permissions or network access.
- New GhostLock tool abuses Windows API to block file access
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how to block access to files stored locally or on SMB network shares by abusing Windows file API. The tool highlights a potential vulnerability in Windows. This could lead to security issues if exploited by attackers.