CyberSecurity News
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
AI summary
A vulnerability has been discovered in Linux's KVM hypervisor, affecting Intel and AMD x86 systems. The flaw, known as Januscape, is a use-after-free bug that can be triggered from a guest virtual machine, allowing it to corrupt the host kernel's shadow-page state. This bug is located in the shadow MMU code shared by KVM on both Intel and AMD systems. A public proof-of-concept has been released, which causes the host to panic. Additionally, a separate exploit is claimed to exist, although it has not been made public. The vulnerability has been assigned the identifier CVE-2026-53359.
Vulnerabilities mentioned
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.

