Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    New Linux kernel flaw allows VM escape on Intel, AMD devices

    July 7, 2026

    Cybersecurity Grant Funding: FEMA Clarifies SLCGP Use for CIS Services

    July 7, 2026

    Microsoft testing new Cloud Rebuild Windows 11 recovery feature

    July 7, 2026
    Facebook X (Twitter) Instagram
    • Demos
    • Technology
    • Gaming
    • Buy Now
    Facebook X (Twitter) Instagram Pinterest Vimeo
    Canadian Cyber WatchCanadian Cyber Watch
    • Home
    • News
    • Alerts
    • Tips
    • Tools
    • Industry
    • Incidents
    • Events
    • Education
    Subscribe
    Canadian Cyber WatchCanadian Cyber Watch
    Home»News»New Linux kernel flaw allows VM escape on Intel, AMD devices
    News

    New Linux kernel flaw allows VM escape on Intel, AMD devices

    adminBy adminJuly 7, 2026No Comments3 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Linux

    A 16-year-old Linux kernel vulnerability, dubbed Januscape, allows attackers to escape a virtual machine and execute arbitrary code on the host.

    According to Hyunwoo Kim, the security researcher who discovered it, this guest-to-host escape flaw (tracked as CVE-2026-53359) stems from a use-after-free weakness in the shadow MMU emulation of KVM/x86, the kernel-based virtual machine built for x86 and x86_64 (AMD64) processor architectures.

    Januscape has been present in the Linux kernel for approximately 16 years before being patched in June 2026, and was used as a zero-day exploit in Google’s kvmCTF vulnerability reward program (VRP).

    image

    Successful exploitation allows attackers with root access inside a guest virtual machine (the default configuration on public cloud instances) to execute code as root on the host and take over all guests running on it or crash the host kernel (knocking every other tenant’s virtual machine on the same server offline).

    Kim described Januscape as the first guest-to-host exploit that can be triggered on both Intel and AMD processor architectures, rather than being limited to a single platform, and noted that it poses a distinct risk to multi-tenant public cloud environments, such as those offered by Google Cloud and Amazon Web Services.

    “With guest-side actions alone, an attacker can compromise the host that runs their VM,” Kim explained on Monday. “For example, an attacker who has rented just a single instance on a public cloud could panic the host kernel to take down every other tenant VM on the same physical machine (DoS), or run code with root privilege on the host to take over the host and all the guests on it (RCE).”

    On some Linux distros, such as Red Hat Enterprise Linux (RHEL), where /dev/kvm is world-writable, unprivileged attackers can also exploit CVE-2026-53359 to reliably gain root permissions on unpatched devices.

    Januscape demo
    Januscape demo (Hyunwoo Kim)

    ​The security researcher published a technical write-up and a proof-of-concept exploit that can trigger a host kernel panic, and said that a full guest-to-host escape exploit will not be released for the foreseeable future.

    Administrators running KVM/x86 hosts that accept multi-tenant guests should confirm that patch commit 81ccda30b4e8 has been applied to the host kernel to ensure the hosts are secure against attacks.

    In May 2026, Kim also disclosed Dirty Frag, a Linux local privilege escalation flaw that chains xfrm-ESP (CVE-2026-43284) and RxRPC (CVE-2026-43500) page-cache write vulnerabilities to gain root access on major distributions, including Ubuntu, Red Hat Enterprise Linux, CentOS Stream, and Fedora.

    Kim noted that attackers without guest root access on a target device could chain the Dirty Frag and Januscape flaws to achieve full compromise.


    article image

    Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

    The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

    Get the whitepaper



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleCybersecurity Grant Funding: FEMA Clarifies SLCGP Use for CIS Services
    admin
    • Website

    Related Posts

    News

    Cybersecurity Grant Funding: FEMA Clarifies SLCGP Use for CIS Services

    July 7, 2026
    News

    Microsoft testing new Cloud Rebuild Windows 11 recovery feature

    July 7, 2026
    News

    Fake IT support calls on Microsoft Teams push EtherRAT malware

    July 6, 2026
    Add A Comment

    Comments are closed.

    Demo
    Top Posts

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202633 Views

    IP Address Investigations and Local OSINT

    March 20, 202633 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Latest Reviews
    85
    Featured

    Pico 4 Review: Should You Actually Buy One Instead Of Quest 2?

    January 15, 2021 Featured
    8.1
    Uncategorized

    A Review of the Venus Optics Argus 18mm f/0.95 MFT APO Lens

    January 15, 2021 Uncategorized
    8.9
    Editor's Picks

    DJI Avata Review: Immersive FPV Flying For Drone Enthusiasts

    January 15, 2021 Editor's Picks

    Subscribe to Updates

    Get the latest tech news from FooBar about tech, design and biz.

    Demo
    Most Popular

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202633 Views

    IP Address Investigations and Local OSINT

    March 20, 202633 Views
    Our Picks

    New Linux kernel flaw allows VM escape on Intel, AMD devices

    July 7, 2026

    Cybersecurity Grant Funding: FEMA Clarifies SLCGP Use for CIS Services

    July 7, 2026

    Microsoft testing new Cloud Rebuild Windows 11 recovery feature

    July 7, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest
    • Home
    • Technology
    • Gaming
    • Phones
    • Buy Now
    © 2026 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.