ctipilot.ch

Linux KVM/x86 'Januscape' shadow-MMU use-after-free — guest-to-host VM escape on Intel and AMD (public PoC host-DoS; RCE withheld); fixed 6.1.177/6.6.144/6.12.95/6.18.38/7.1.3

cve · CVE-2026-53359

Coverage timeline
1
first 2026-07-09 → last 2026-07-09
Entries
1
1 distinct days
Sources cited
3
3 hosts
Sections touched
1
trending-vulnerabilities
Co-occurring entities
0
no co-occurrence

Story timeline

  1. 2026-07-09CVE-2026-53359 — Linux KVM/x86 "Januscape": shadow-MMU use-after-free enables guest-to-host VM escape on Intel and AMD
    trending-vulnerabilitiesJanuscape (CVE-2026-53359): 16-year-old KVM shadow-MMU UAF gives a guest root a host escape on both Intel and AMD

Where this entity is cited

  • trending-vulnerabilities1

Source distribution

  • bleepingcomputer.com1 (33%)
  • git.kernel.org1 (33%)
  • github.com1 (33%)

Entries about Linux KVM/x86 'Januscape' shadow-MMU use-after-free — guest-to-host VM escape on Intel and AMD (public PoC host-DoS; RCE withheld); fixed 6.1.177/6.6.144/6.12.95/6.18.38/7.1.3 (1)

2026-07-09 · view entry permalink →

CVE-2026-53359 — Linux KVM/x86 "Januscape": shadow-MMU use-after-free enables guest-to-host VM escape on Intel and AMD

Researcher Hyunwoo Kim (V4bel) disclosed Januscape (CVE-2026-53359), a use-after-free in the shadow-MMU emulation of KVM/x86 (arch/x86/kvm/mmu/mmu.c) whose root cause traces to a 2010 commit — roughly 16 years dormant before the fix landed upstream on 16 June 2026 (BleepingComputer, 2026-07-07). The bug fires when kvm_mmu_get_child_sp() reuses a shadow page without comparing its role, producing a mismatched direct/indirect flag and an incorrect GFN computation; orphaned rmap entries survive memslot deletion and are later dereferenced after the backing memory is freed (V4bel, 2026-07-07). The upstream fix is commit 81ccda30b4e8 (16 June 2026); the researcher gives the vulnerable range as commit 2032a93d66fa (2010-08-01) through that fix (kernel.org, 2026-06-16; V4bel, 2026-07-07).

This is a genuine guest-to-host escape: a root user inside a KVM guest can trigger the UAF from purely guest-side actions, on both Intel and AMD hosts — the researcher calls it "the first guest-to-host exploit research triggerable on both" vendors (V4bel, 2026-07-07). Januscape was submitted as a live 0-day against Google's kvmCTF program. A public PoC that panics the host kernel — a denial of service against every co-tenant on the same physical host — is released; a full working host-compromise/RCE exploit exists but the researcher is deliberately withholding it (BleepingComputer, 2026-07-07). Mapped to T1611 Escape to Host.

With guest-side actions alone, an attacker can compromise the host that runs their VM. For example, an attacker who has rented just a single instance on a public cloud could panic the host kernel to take down every other tenant VM on the same physical machine (DoS), or run code with root privilege on the host to take over the host and all the guests on it (RCE).

BleepingComputer 2026-07-07

This is the first guest-to-host exploit research triggerable on both Intel and AMD

Hyunwoo Kim (V4bel) — researcher write-up + PoC 2026-07-07
vulnerability09 Jul 04:32Zmulti-sourceOpen finding ↗