News [Linux Journal] AI Uncovers a 15-Year-Old Linux Kernel Root Vulnerability Hidden Since 2011

News

LinuxBot

Member
Joined
Apr 25, 2017
Messages
6,927
Reaction score
94
Credits
-1,257
by George Whittaker Artificial intelligence has helped uncover one of the most significant Linux kernel security flaws in recent years. Security researchers at Nebula Security announced the discovery of GhostLock (CVE-2026-43499), a critical local privilege escalation vulnerability that remained hidden in the Linux kernel for approximately 15 years before being identified by the company's AI-powered vulnerability research platform, VEGA. The vulnerability affects Linux kernels dating back to version 2.6.39 (2011) and allows an unprivileged local user to obtain full root privileges on vulnerable systems. Its discovery not only highlights the importance of timely kernel updates but also demonstrates how AI is beginning to transform vulnerability research. What Is GhostLock? GhostLock is a use-after-free (UAF) vulnerability located in the Linux kernel's futex (fast userspace mutex) implementation. Futexes are synchronization primitives that allow user-space applications to efficiently coo

Source: https://www.linuxjournal.com/conten...d-linux-kernel-root-vulnerability-hidden-2011

Aggregated via Linux News
 


Follow Linux.org

Members online


Latest posts

Top