First reported by BackBox.org
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
By
[email protected] (The Hacker News)
21h agoen
Source
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The public proof-of-concept panics the host; the researcher claims that a separate, unreleased exploit
You might also wanna read
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
BackBox.org·20h ago
Januscape (CVE-2026-53359): First Cross-Architecture KVM/x86 Guest-to-Host Escape Vulnerability
This document describes the Januscape vulnerability (CVE-2026-53359), a KVM/x86 guest-to-host escape discovered by Hyunwoo Kim. It is a use-
Copy Fail (CVE-2026-31431): A Linux Kernel Vulnerability Enabling Container Escape to Host Root on Kubernetes
Two weeks ago, the vulnerability Copy Fail (CVE-2026-31431) was disclosed — a dangerous Linux local-privilege escalation vulnerability that
Working Exploit Released for Linux Kernel Use-After-Free Flaw CVE-2026-23111 Enabling Local Root Access
Security researchers have released a working exploit for CVE-2026-23111, a Linux kernel use-after-free vulnerability in nf_tables. The flaw
hendryadrian.com·28d agoCVE-2026-31431 "CopyFail": Linux Local Privilege Escalation Vulnerability Disclosed
A Linux kernel vulnerability (CVE-2026-31431), nicknamed "CopyFail," has been disclosed on the oss-security mailing list. The vulnerability
openwall.com·2mo ago
Cloudflare's response to the "Copy Fail" Linux kernel vulnerability (CVE-2026-31431)
Cloudflare's security and engineering teams responded to the "Copy Fail" Linux kernel local privilege escalation vulnerability (CVE-2026-314

Comments
Sign in to join the conversation.
No comments yet. Be the first.