#2
The Hacker News
general
July 06, 2026 at 17:37 UTC
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
By [email protected] (The Hacker News)
AI Summary
CVE-2026-53359, dubbed 'Januscape,' is a 16-year-old use-after-free vulnerability in Linux KVM's shadow MMU code affecting both Intel and AMD x86 systems. A public PoC currently causes host kernel panics, but the researcher claims a separate unreleased exploit achieves full guest-to-host escape, making this a high-severity threat for virtualization environments and cloud infrastructure operators.
Relevance score: 87.0/100
Sponsored
Protect Your Business
Expert cybersecurity solutions to safeguard your organization from evolving threats.
Get Protected →