A Linux kernel vulnerability known as GhostLock has been discovered, which allows an unprivileged local attacker to gain root access and escape containers. The vulnerability has existed in every major Linux distribution since 2011 and was introduced in Linux 2.6.39, but was only recently fixed in Linux 7.1. The exploit uses a combination of techniques, including a stack-use-after-free bug and a prefetch-based information leak, to achieve privilege escalation. The vulnerability was rewarded with $92,337 in the kernelCTF competition.