16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

A use-after-free bug in Linux’s KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it.

Dubbed ‘Januscape’ and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The public proof-of-concept panics the host; the researcher claims that a separate, unreleased exploit

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

HackerRank open sourced its ATS. My resume scored 90/100. Oh wait 74. No – 88

HackerRank open sourced its ATS. My resume scored 90/100. Oh wait 74. No – 88 Source: Hacker News

.self: A new top-level domain designed to support self-hosting

.self: A new top-level domain designed to support self-hosting Source: Hacker News

System call instrumentation on Linux/x86‑64 using memory‑indirect calls, part I

System call instrumentation on Linux/x86‑64 using memory‑indirect calls, part I Source: Hacker News