GhostLock: A 15-Year Linux Kernel Vulnerability Found by VEGA
GhostLock, a stack-UAF that has existed in all Linux distributions for 15 years

I discovered GhostLock, a critical stack-use-after-free vulnerability in the Linux kernel that has affected every major distribution for over 15 years. By exploiting a flaw in the rtmutex rework, we achieved a stable privilege escalation and container escape without needing special privileges. This research details how we turned this bug into a winning kernelCTF submission, earning a significant bounty from Google.
"GhostLock (CVE-2026-43499) is a Linux kernel vulnerability found by VEGA that exists in every major distribution since 2011."