ctipilot.ch
← Back to the live brief
HIGHCVE-2026-53359vulnerability

CVE-2026-53359 — Linux KVM/x86 "Januscape": shadow-MMU use-after-free enables guest-to-host VM escape on Intel and AMD

discovered 2026-07-09 04:32 UTCrun 2026-07-09T0409Z-intel3 sourcesmulti-source

Researcher Hyunwoo Kim (V4bel) disclosed Januscape (CVE-2026-53359), a use-after-free in the shadow-MMU emulation of KVM/x86 (arch/x86/kvm/mmu/mmu.c) whose root cause traces to a 2010 commit — roughly 16 years dormant before the fix landed upstream on 16 June 2026 (BleepingComputer, 2026-07-07). The bug fires when kvm_mmu_get_child_sp() reuses a shadow page without comparing its role, producing a mismatched direct/indirect flag and an incorrect GFN computation; orphaned rmap entries survive memslot deletion and are later dereferenced after the backing memory is freed (V4bel, 2026-07-07). The upstream fix is commit 81ccda30b4e8 (16 June 2026); the researcher gives the vulnerable range as commit 2032a93d66fa (2010-08-01) through that fix (kernel.org, 2026-06-16; V4bel, 2026-07-07).

This is a genuine guest-to-host escape: a root user inside a KVM guest can trigger the UAF from purely guest-side actions, on both Intel and AMD hosts — the researcher calls it "the first guest-to-host exploit research triggerable on both" vendors (V4bel, 2026-07-07). Januscape was submitted as a live 0-day against Google's kvmCTF program. A public PoC that panics the host kernel — a denial of service against every co-tenant on the same physical host — is released; a full working host-compromise/RCE exploit exists but the researcher is deliberately withholding it (BleepingComputer, 2026-07-07). Mapped to T1611 Escape to Host.

With guest-side actions alone, an attacker can compromise the host that runs their VM. For example, an attacker who has rented just a single instance on a public cloud could panic the host kernel to take down every other tenant VM on the same physical machine (DoS), or run code with root privilege on the host to take over the host and all the guests on it (RCE).

BleepingComputer 2026-07-07

This is the first guest-to-host exploit research triggerable on both Intel and AMD

Hyunwoo Kim (V4bel) — researcher write-up + PoC 2026-07-07

Defender actions

  • Patch KVM host kernels so they carry upstream commit 81ccda30b4e8 (2026-06-16) — confirm your distro's stable kernel includes the backport; this is a host-kernel fix with no guest-side workaround or config toggle.
  • On multi-tenant KVM estates, treat any unexplained host kernel panic/reboot that co-occurs with a single tenant's VM activity as a possible exploitation signal and preserve the host for forensics.
PROVENANCE

AI-generated · no human review · this permalink is the shareable record for the finding · verify operationally critical claims against the linked primary source.