Security · 1h ago
AI Finds 15-Year-Old Linux Kernel Root Bug
Nebula Security's AI platform VEGA discovered GhostLock, a use-after-free vulnerability in the Linux kernel's futex implementation that has existed since 2011. The bug allows any unprivileged local user to gain root access in about five seconds with a 97% success rate. The exploit works on stock distros and can be used for container escapes.
Meridian48 take
The finding underscores a shift in vulnerability discovery: AI-assisted review is now catching kernel bugs that eluded human reviewers for 15 years, raising the bar for security practices.
linux-kernelai-security