GhostLock (CVE-2026-43499) is a use-after-free in Linux futex priority-inheritance code that has shipped by default in nearly every distro since 2011. Nebula Security's public exploit turns any logged-in user into root with 97% reliability and escapes containers. Patching is the only real fix.
Would this affect a rootless podman container?
I read the article, or at least most of it and didn’t see anything that hints either way.
Seems to be more regarding specifically system authorized users able to elevate themselves to root.
Unless I am missing something?
It says it can escape containers so I assume it can
Yeah. Probably. Just wasn’t sure if the extra abstraction rootless is supposed to provide would affect it. I assume not.