GhostLock (CVE-2026-43499) is a use-after-free in Linux futex priority-inheritance code that has shipped by default in nearly every distro since 2011. Nebula Security's public exploit turns any logged-in user into root with 97% reliability and escapes containers. Patching is the only real fix.