16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

A use-after-free bug in Linux’s KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it.

Dubbed ‘Januscape’ and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The public proof-of-concept panics the host; the researcher claims that a separate, unreleased exploit

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

A short history of Cerro Torre, the most controversial mountain (2012)

A short history of Cerro Torre, the most controversial mountain (2012) Source: Hacker News

After AI Takes Everything

After AI Takes Everything Source: Hacker News

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited