BotBeat
...
← Back

> ▌

Nebula SecurityNebula Security
RESEARCHNebula Security2026-07-11

AI-Driven Tool Discovers 15-Year-Old Linux Root Vulnerability

Key Takeaways

  • ▸Nebula Security's AI tool VEGA discovered a 15-year-old Linux kernel vulnerability (CVE-2026-43499) affecting every mainstream distribution since 2011
  • ▸GhostLock is a use-after-free privilege-escalation flaw requiring only user login—Nebula's exploit achieves 97% reliability and can escape containers
  • ▸AI-powered security research is uncovering decades-old vulnerabilities that manual code review missed, signaling a shift in how legacy systems are being secured
Source:
Hacker Newshttps://www.wired.com/story/security-news-this-week-ai-found-a-root-bug-in-linux-that-everyone-missed-for-15-years/↗

Summary

Nebula Security's AI-driven bug-hunting tool VEGA has uncovered GhostLock (CVE-2026-43499), a critical privilege-escalation vulnerability in the Linux kernel that went undetected for 15 years. The use-after-free flaw shipped by default in every mainstream Linux distribution since 2011 and allows any logged-in user to gain root access without special permissions or network access.

The vulnerability, which Nebula found after its automated tool re-examined decades-old kernel code, demonstrates the emerging power of AI-driven security research. Nebula's exploit achieves 97% reliability and can even escape container isolation, earning the company a $92,337 payout through Google's kernelCTF bug-bounty program. While patched in April 2026, distribution has been uneven—as of early July, Ubuntu's LTS versions (24.04, 22.04, and 20.04) still required security updates.

The discovery is part of a broader 2026 trend in which automated AI tools are systematically re-examining aging codebases to surface privilege-escalation flaws that manual code review missed for decades. This shift highlights AI-assisted vulnerability discovery as a critical frontier in securing legacy systems before they can be weaponized.

Editorial Opinion

GhostLock is a sobering reminder that even heavily audited codebases can harbor critical vulnerabilities for years—and that human code review has inherent limits. What's encouraging is that AI-driven security tools are now systematically surfacing decades-old flaws before malicious actors can weaponize them. As critical infrastructure increasingly depends on Linux, AI-assisted vulnerability discovery isn't just a competitive advantage—it's a necessity.

AI AgentsMachine LearningCybersecurityAI Safety & Alignment

Comments

Suggested

AnthropicAnthropic
RESEARCH

Anthropic Unveils Hidden 'J-Space' Inside Claude Using New Mechanistic Interpretability Technique

2026-07-11
AnthropicAnthropic
FUNDING & BUSINESS

Anthropic Faces Billing System Crisis: $16.6M Phantom Invoice Charges Korean User

2026-07-11
AnthropicAnthropic
RESEARCH

Local-First Agent Governance: A Framework for Safe, Contained AI Agents

2026-07-11
← Back to news
© 2026 BotBeat
AboutPrivacy PolicyTerms of ServiceContact Us