ADA Cloud: CVE-2026-43499 GhostLock – action required on VMs

  1. /
  2. HPC Center news
  3. /
  4. ADA Cloud: CVE-2026-43499 GhostLock – action required on...

Dear Users,  

This is to inform you regarding the very recent linux kernel vulnerability CVE-2026-43499 GhostLock, that may allow a local user to gain root privileges in your Virtual Machines. [1] [2] 

It is thus required to fix the vulnerability as soon as possible on your VMs:  

  • Apply the latest available kernel updates from your Linux distribution. 
  • Reboot systems where required to ensure the patched kernel is active. 
  • Prioritize shared, multi-tenant, container-hosting, and CI/CD environments, and if you have unprivileged users with shell access to your VM, as these are considered higher-risk scenarios.  

Let us know in case of issues, sending an email to [email protected]  

HPC Cloud Support.  

[1] 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros 
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-43499