Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems

Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems
A newly disclosed Linux kernel flaw, tracked as CVE-2026-53359 and nicknamed Januscape, can let an attacker escape a KVM virtual machine and execute code on the host. The issue affects shadow MMU code, threatens multi-tenant public clouds, and was demonstrated by Hyunwoo Kim as a zero-day in Google kvmCTF. #CVE-2026-53359 #Januscape #KVM #GooglekvmCTF #HyunwooKim

Keypoints

  • Januscape is a Linux kernel vulnerability tracked as CVE-2026-53359.
  • The flaw affects the shadow MMU code in the KVM hypervisor.
  • It can enable VM escape and code execution on the host system.
  • The bug threatens multi-tenant public clouds and nested virtualization setups.
  • It was shown as a zero-day in Google kvmCTF and patched in mainline on June 19.

Read More: https://www.securityweek.com/linux-kernel-vulnerability-allows-vm-escape-on-intel-and-amd-systems/