Six-figure bounty awarded for Linux KVM guest-to-host escape flaws

TL;DR Summary
Google paid $250,000 for Januscape (CVE-2026-53359), a use-after-free flaw in Linux KVM's shadow MMU that can let a malicious guest VM break out and gain root on the host; a separate flaw, GhostLock (CVE-2026-43499), lets limited users escalate to root via futex priority-inheritance. Patches are in the Linux kernel, and users should update to mitigate the risk.
- High-severity guest VM escape is 1 of 2 Linux vulnerabilities to surface this week Ars Technica
- 16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems The Hacker News
- Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems SecurityWeek
- Hackers can break out of KVM virtual machines: critical flaw threatens cloud Cybernews
- Intel and AMD systems at risk from virtualization vulnerability SDxCentral
Reading Insights
Total Reads
0
Unique Readers
5
Time Saved
5 min
vs 5 min read
Condensed
94%
962 → 57 words
Want the full story? Read the original article
Read on Ars Technica