Six-figure bounty awarded for Linux KVM guest-to-host escape flaws

1 min read
Source: Ars Technica
Six-figure bounty awarded for Linux KVM guest-to-host escape flaws
Photo: Ars Technica
TL;DR Summary

Google paid $250,000 for Januscape (CVE-2026-53359), a use-after-free flaw in Linux KVM's shadow MMU that can let a malicious guest VM break out and gain root on the host; a separate flaw, GhostLock (CVE-2026-43499), lets limited users escalate to root via futex priority-inheritance. Patches are in the Linux kernel, and users should update to mitigate the risk.

Share this article

Reading Insights

Total Reads

0

Unique Readers

5

Time Saved

5 min

vs 5 min read

Condensed

94%

96257 words

Want the full story? Read the original article

Read on Ars Technica