AI Found a Root Bug in Linux That Everyone Missed for 15 Years
7.7 relevance
Score Breakdown
technical depth 8
novelty 9
actionability 6
community 7
strategic 7
personal 9
Scored daily by a customisable AI persona to surface the most relevant engineering leadership news.
AI discovered a 15-year-old Linux kernel bug; highly relevant to security, AI, and open source.
Summary
Nebula Security's AI-driven tool VEGA discovered GhostLock (CVE-2026-43499), a use-after-free bug in the Linux kernel since 2011 that lets any logged-in user escalate to root, escape containers, and was 97% reliable in testing. The flaw, earning a $92,337 bounty, shipped in all major distributions; while patched in April, Ubuntu 24.04, 22.04, and 20.04 LTS remained vulnerable as of early July, requiring defenders to verify fixes.