Google pays $250k for Linux bug that lets VMs escape

▼ Summary
– A Linux vulnerability (CVE-2026-53359) in KVM allows guest virtual machines to gain root access to the host machine.
– The flaw, named Januscape, is a use-after-free memory corruption bug in KVM’s shadow MMU emulation that went unnoticed for 16 years.
– It affects KVM on both AMD and Intel processors and can be exploited using only guest-side actions.
– An attacker could panic the host kernel for denial of service or run code with root privilege to take over the host and all guest VMs.
– Researcher Hyunwoo Kim released a proof-of-concept exploit that triggers a host crash but will not release a full escape exploit in the near future.
A critical security hole in the Linux kernel has been discovered, one that allows an untrusted virtual machine to break out of its isolated environment and seize root access on the host system. This high-severity vulnerability joins another serious flaw revealed this week in the open source operating system.
The bug, designated CVE-2026-53359, resides in KVM (Kernel-based Virtual Machine), a virtualization module embedded in many Linux distributions. In cloud platforms, KVM is used to isolate each user’s instance from the host operating system and from other tenants. This flaw shatters that isolation, letting a guest VM escape its container.
Dubbed Januscape by its discoverer, researcher Hyunwoo Kim, the vulnerability affects KVM running on both AMD and Intel processors. It exploits bugs in the guest-side portion of KVM, which includes only resources like the OS and drivers inside the guest VM, not the host’s own resources. Remarkably, this threat lay dormant in the Linux kernel for 16 years without detection.
“With guest-side actions alone, an attacker can compromise the host that runs their VM,” Kim wrote. He described the potential fallout: an attacker renting a single instance on a public cloud could panic the host kernel, taking down every other tenant VM on the same physical machine in a denial-of-service attack, or execute code with root privileges on the host to seize control of the entire system and all its guests.
Januscape is a use-after-free vulnerability, a memory corruption flaw that injects malicious code into memory regions that have been recently freed. It specifically targets the shadow MMU emulation, a process that translates memory addresses between the host and the hypervisor. By triggering guest-side actions, an attacker can corrupt the host kernel’s shadow page, a data structure used in this address translation.
Kim has released a proof-of-concept exploit that runs inside a guest VM and triggers a crash on the host OS. He confirmed that a full guest escape exploit exists but will not be made public until “the very distant future.” Google has paid a $250,000 bounty for the discovery, underscoring the severity of the flaw for cloud providers and enterprise environments relying on KVM-based virtualization.
(Source: Ars Technica)




