[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-nebusec-claims-15-year-linux-stack-bug-across-all-distros":10,"sections":49},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":22,"persona_id":22,"persona_name":22,"section":39,"tags":40,"sources":44,"feedback":48,"feedback_at":22,"cost_usd":48,"total_tokens":48},4618,"nebusec-claims-15-year-linux-stack-bug-across-all-distros","Nebusec Claims 15-Year Linux Stack Bug Across All Distros","A security research firm says a stack use-after-free bug called GhostLock hides in every Linux distribution, but its age claim doesn't hold up.","Nebusec says it found a stack use-after-free bug named GhostLock hiding in every Linux distribution.\n\nThe security firm published the second entry in its \"ionstack\" research series Thursday, asserting GhostLock has existed and been exploitable across all Linux distros for 15 years. A stack use-after-free is a memory-corruption class where freed stack memory can be repurposed by an attacker - the typical result is privilege escalation or arbitrary code execution. The post had attracted very little external engagement at publication time.\n\nLinux runs the majority of the world's servers, cloud infrastructure, and embedded systems, so a 15-year-old exploitable bug in every distribution would be a meaningful find. But the timeline strains credibility: Nebusec's own label \"ionstack\" points to io_uring, the async I\u002FO subsystem that first landed in the Linux kernel in 2019 - about seven years ago, not fifteen. Either the vulnerability predates io_uring and the subsystem is one attack vector among others, or the 15-year figure is marketing math. Nebusec has not clarified which.\n\nThe Hacker News thread tied to the disclosure collected five points and a single comment. Treat this as a claim pending independent confirmation, not a confirmed vulnerability.","[\"security\",\"linux\",\"kernel\",\"vulnerability\"]","2026-07-10T20:43:02.000Z","2026-07-10T22:45:18.866Z","2026-07-10T22:45:21.674Z","published",null,[24,30,35],{"id":25,"reviewer":26,"round":27,"reason":28,"status":29},"editor-r1","editor",1,"The body explicitly acknowledges that the '15 years' framing is likely inaccurate (io_uring shipped in Linux 5.1 in 2019, making it ~7 years old) yet neither the headline nor the dek is corrected to reflect that, leaving an unresolved factual discrepancy between the dek and the body; additionally, the article refers to the research series as 'IOStack' while the source URL spells it 'ionstack' (with an N), a proper-noun inconsistency that must be verified and reconciled before publication.","resolved",{"id":31,"reviewer":32,"round":33,"reason":34,"status":29},"publisher-r2","publisher",2,"The article notes a factual inconsistency (15-year claim vs. io_uring's ~7-year existence) but does not resolve it — publishing an unresolved factual discrepancy about the headline claim requires editorial correction before going live.",{"id":36,"reviewer":32,"round":37,"reason":38,"status":29},"publisher-r3",3,"The article's central claim that GhostLock has been present for 15 years is internally flagged as inconsistent with the stated technical context (io_uring merged in 2019), and Nebusec's own findings are described as 'light on specifics' — the piece openly admits a core factual discrepancy without resolution, making it unfit to publish.","security",[39,41,42,43],"linux","kernel","vulnerability",[45],{"name":46,"url":47},"Hacker News","https:\u002F\u002Fnebusec.ai\u002Fresearch\u002Fionstack-part-2\u002F",0,{"sections":50},[51,56,60,65,70,75,80,85,90,95,100,104,109,114],{"name":52,"slug":53,"count":54,"latest_published_at":55},"AI","ai",2590,"2026-07-16T04:00:00.000Z",{"name":57,"slug":39,"count":58,"latest_published_at":59},"Security",294,"2026-07-15T19:59:48.000Z",{"name":61,"slug":62,"count":63,"latest_published_at":64},"Deals","deals",179,"2026-06-29T20:02:07.000Z",{"name":66,"slug":67,"count":68,"latest_published_at":69},"Policy","policy",158,"2026-07-16T00:02:48.000Z",{"name":71,"slug":72,"count":73,"latest_published_at":74},"Hardware","hardware",122,"2026-07-14T19:46:26.000Z",{"name":76,"slug":77,"count":78,"latest_published_at":79},"Consumer Tech","consumer-tech",93,"2026-07-13T13:20:48.000Z",{"name":81,"slug":82,"count":83,"latest_published_at":84},"Software","software",70,"2026-07-13T19:52:25.000Z",{"name":86,"slug":87,"count":88,"latest_published_at":89},"Science","science",66,"2026-07-10T10:29:37.000Z",{"name":91,"slug":92,"count":93,"latest_published_at":94},"Dev Tools","dev-tools",59,"2026-07-07T04:00:00.000Z",{"name":96,"slug":97,"count":98,"latest_published_at":99},"Gaming","gaming",41,"2026-07-09T04:00:00.000Z",{"name":101,"slug":102,"count":98,"latest_published_at":103},"Startups","startups","2026-06-29T20:55:50.000Z",{"name":105,"slug":106,"count":107,"latest_published_at":108},"General","general",29,"2026-07-10T22:28:58.000Z",{"name":110,"slug":111,"count":112,"latest_published_at":113},"Reviews","reviews",20,"2026-06-24T12:00:01.000Z",{"name":115,"slug":116,"count":117,"latest_published_at":118},"How-To","how-to",6,"2026-06-16T09:00:00.000Z"]