- A critical vulnerability dubbed ‘Januscape‘ (CVE-2026-53359) allows a guest virtual machine to panic or potentially execute code on the host KVM hypervisor.
- The flaw is a use-after-free bug in Linux’s KVM shadow MMU code, present since 2010 and exploitable on both Intel and AMD x86 processors.
- The bug requires the guest to have root access and for nested virtualization to be enabled on the host, a common scenario in multi-tenant cloud environments.
- Security researcher Hyunwoo Kim (@v4bel) found the flaw, which has been patched in stable kernel versions as of July 4, 2026.
Security researcher Hyunwoo Kim (@v4bel) has disclosed a severe vulnerability in the Linux KVM hypervisor that allows a malicious virtual machine guest to crash or potentially take full control of the host server. Dubbed ‘Januscape‘, this 16-year-old bug exploits a use-after-free condition in the shadow MMU code shared by Intel and AMD platforms. Kim described it as the first publicly known guest-to-host exploit triggerable on both major x86 vendors.
The flaw stems from KVM incorrectly reusing shadow page table tracking pages. Consequently, this mismanagement corrupts the hypervisor’s internal memory state. The public proof-of-concept reliably crashes the host kernel, causing a denial-of-service for all other VMs on the same physical machine.
However, Kim claims a separate, unreleased exploit chain can turn the same bug into full host code execution. This attack path requires no cooperation from userspace software like QEMU. It is purely an in-kernel vulnerability within KVM itself.
According to Kim, the exploit was submitted to Google’s kvmCTF bug bounty program. Januscape is his third major Linux kernel exploit disclosure in recent months, following Dirty Frag and ITScape for ARM64. The practical impact is significant for any x86 cloud host running untrusted guests with nested virtualization enabled.
A one-line patch from KVM maintainer Paolo Bonzini fixes the issue by ensuring page reuse checks both the address and role. Meanwhile, administrators who cannot patch immediately should disable nested virtualization on their hosts. Stable kernels containing the fix began shipping on July 4, 2026.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
