National Cyber Warfare Foundation (NCWF)

16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems


0 user ratings
2026-07-06 18:32:03
milo
Developers
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it.

Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The public proof-of-concept panics the host; the researcher claims that a separate, unreleased exploit



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/07/16-year-old-linux-kvm-flaw-lets-guest.html


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Developers



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.