GhostLock (CVE-2026-43499) is a use-after-free in Linux futex priority-inheritance code that has shipped by default in nearly every distro since 2011. Nebula Security's public exploit turns any logged-in user into root with 97% reliability and escapes containers. Patching is the only real fix.
That sucks, but not much (all “local account required” vulns are like that). I need to stay on 6.8 both for proper PM support for hibernation and because of the Nvidia drivers.
That sucks, but not much (all “local account required” vulns are like that). I need to stay on 6.8 both for proper PM support for hibernation and because of the Nvidia drivers.