Skip to content

16-Year-Old Linux KVM Vulnerability Enables VM Escape on Intel and AMD

In a nutshell: A 16-year-old use-after-free flaw in Linux KVM enables attackers to escape from guest VMs to the host kernel and corrupt its shadow-page state.

A use-after-free bug in Linux’s KVM hypervisor enables escape attacks from guest VMs to the host kernel. The vulnerability CVE-2026-53359 affects the Shadow-MMU component, which is shared between Intel and AMD.

The flaw is designated as “Januscape” and carries the CVE-ID CVE-2026-53359. It resides in the Shadow-MMU code of the KVM hypervisor, which is used across Intel and AMD processors.

A publicly available proof-of-concept leads to a panic of the host system. The security researcher indicates that a separate, non-public exploit demonstrates the scope of the vulnerability beyond the mere DoS scenario.

For CISOs, this flaw represents a significant risk in multi-tenant virtualization environments or in scenarios where untrusted code runs on shared hypervisors. The ability to access the host kernel from a guest VM potentially allows attackers to compromise adjacent VMs or directly take over the hypervisor infrastructure.

A patch is required. Affected systems should immediately be reviewed to determine whether KVM is running in their infrastructure in production environments with not fully trusted guest VMs.


Source: thehackernews.com · Published 6 July 2026
Lumi AI News — AI-assisted curation according to Art. 50 EU AI Act. Paraphrasing and classification by Lumi News Pipeline v1.7.3.

Share on: