« All posts

Januscape: KVM/x86 Guest-to-Host Escape Flaw (CVE-2026-53359)

Januscape (CVE-2026-53359) is a critical KVM/x86 guest-to-host escape flaw in the shadow MMU, dormant for 16 years and exploitable on both Intel and AMD.

Discovered by Hyunwoo Kim, Januscape (CVE-2026-53359) is a use-after-free bug in KVM/x86's shadow MMU emulation that lets a guest corrupt the host kernel's shadow page using only guest-side actions. The researcher describes it as the first publicly known guest-to-host escape triggerable on both Intel and AMD, and the flaw sat undiscovered in the codebase for roughly 16 years, from 2010 to 2026.

The bug particularly threatens multi-tenant x86 clouds (such as GCP and AWS) that expose nested virtualization to untrusted guests: an attacker renting a single instance could crash the host kernel to take down every co-located tenant, or gain root on the host itself. Because the flaw lives in in-kernel KVM rather than QEMU's emulation, it also affects large clouds running their own custom virtualization stacks. On distributions like RHEL, where /dev/kvm is world-writable (0666), the same bug can be leveraged as a reliable local privilege escalation.

The released PoC unloads the kvm_intel or kvm_amd module inside the guest, loads a malicious replacement, and triggers a race condition that panics the host kernel within minutes; a full weaponized escape exploit exists but has not been published. Januscape was successfully used as a zero-day in Google's kvmCTF program. The fix lands at commit 81ccda30b4e8; arm64 KVM hosts are unaffected by this specific bug, though unpatched systems remain exposed to the previously disclosed ITScape (CVE-2026-46316).