All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Januscape (CVE-2026-53359): First Cross-Architecture KVM/x86 Guest-to-Host Escape Vulnerability

By

Imustaskforhelp

21h ago· 4 min readenCode

Summary

This document describes the Januscape vulnerability (CVE-2026-53359), a KVM/x86 guest-to-host escape discovered by Hyunwoo Kim. It is a use-after-free vulnerability in the shadow MMU emulation of KVM/x86 that allows a guest to escape to the host. Notably, it is the first publicly known guest-to-host exploit research triggerable on both Intel and AMD architectures, rather than being limited to a single architecture.

Source

Hacker NewsJanuscape (CVE-2026-53359): First Cross-Architecture KVM/x86 Guest-to-Host Escape Vulnerabilitygithub.com

Key quotes

· 3 pulled
This is the first guest-to-host exploit research triggerable on both Intel and AMD rather than being limited to a single architecture.
Januscape is a use-after-free vulnerability in the shadow MMU emulation of KVM/x86.
It can trigger the bug with guest-side actions alone to corrupt the host kernel.
Snippet from the RSS feed
Contribute to V4bel/Januscape development by creating an account on GitHub.

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.