Important Linux security update GhostLock (CVE-2026-43499): What Self Managed VPS customers need to do 

Product NewsCategory
3 min read

A newly disclosed vulnerability in the Linux kernel, tracked as CVE-2026-43499, affects nearly all Linux servers worldwide. If you run a self-managed VPS, you are responsible for applying this update to your own server. This article explains what self-managed VPS customers must do to protect themselves.

Note: This is an industry-wide vulnerability in the open-source Linux kernel that affects all hosting providers. It is not specific to GoDaddy. If you are running Linux servers on other platforms, you should take steps to update those servers as well.

What is the vulnerability?

CVE-2026-43499 is a flaw in the Linux kernel rated High severity (CVSS 7.8). An attacker who already has limited access to your server, for example through a vulnerable web application or an untrusted user account, could use this flaw to gain full administrator (root) control of the server.

Because the attacker needs an existing foothold first, keeping the rest of your software up to date is an important part of your defense. The complete fix, however, is to install the patched kernel and reboot.

Is my server affected?

Once your patch is available, follow the “Once the Patched Kernel Is Available” section below, which at a high level will require you to:

  1. Update your operating system to the patched kernel your OS vendor provides.
  2. Reboot your server. A kernel update does not take effect until you reboot. This step is required.
  3. Verify that your server is running the updated kernel.
  • Linux servers (AlmaLinux, Ubuntu, Debian, CentOS, and others): Assume yes, until you have applied the patched kernel and rebooted.
  • Windows servers: Not affected by this vulnerability.

Patched kernels are released by each operating system vendor on their own schedule. Check the current status for your OS:

Before a patch is available

  • Until your OS vendor releases a patched kernel, there is no configuration change that fully removes this vulnerability. The steps below reduce your exposure in the meantime. Applying the patched kernel and rebooting is the only complete fix.
  • Turn on automatic security updates so you receive the patched kernel as soon as it ships. Remember that a reboot is still required for it to take effect.
  • Keep your other software patched (applications, CMS, plugins). This is the most common way an attacker gains the initial access that this flaw then escalates.
  • Limit who can log in. Restrict SSH and local accounts to trusted users and keys, and remove any accounts you no longer use.
  • Take a snapshot of your server before you update, so you can roll back if needed.

Once the patched kernel is available

Take a snapshot backup first, then follow the steps for your environment.

How to confirm you are protected

After rebooting, check your running kernel version:

uname -r 

Compare it against the fixed version listed for your operating system on the tracker pages above. If your OS shows your release as fixed and your server is running that kernel or newer, you are protected.

Want help with this?

If you would rather not handle server updates yourself, GoDaddy’s Expert Services (Do It For You) can apply this update for you, and our Managed VPS adds ongoing server management and expert support. Contact support to learn more about Expert Services or Managed VPS.