Critical Januscape Vulnerability in Linux KVM Exposes Cloud Servers to Attacks

Critical Januscape Vulnerability in Linux KVM Exposes Cloud Servers to Attacks

First seen 7 Jul 2026, 12:27 UTC ThehackernewsSecurityaffairs.CoCybersecuritynewsGbhackersKorben.Info+3 85% similarity 74.0

Article Content

Browse articles
ThreatCluster

A critical vulnerability in Linux KVM, named Januscape (CVE-2026-53359), has been discovered after lying dormant for 16 years. This flaw allows attackers with root access in a guest virtual machine to escape to the host and execute arbitrary code, affecting both Intel and AMD systems. The vulnerability stems from a use-after-free issue in KVM's shadow MMU emulation, which can lead to host kernel crashes or full control over the host and other guests. The bug was disclosed by researcher Hyunwoo Kim and has been patched as of July 4, 2026. It poses a significant risk to multi-tenant cloud environments, such as those used by major providers like Google Cloud and AWS. Administrators are urged to apply the patch immediately to mitigate risks.

Key Points: • Januscape (CVE-2026-53359) allows guest VMs to escape and control the host system. • The vulnerability has existed for 16 years and affects both Intel and AMD architectures. • A patch has been released; administrators must ensure it is applied to secure their systems.

ThreatCluster AI

Timeline

2026-05-08
CVE-2026-43284 published
A local privilege escalation flaw was disclosed, affecting major Linux distributions.
Bleepingcomputer
2026-05-11
CVE-2026-43500 published
Another Linux vulnerability was disclosed, allowing privilege escalation on various distributions.
Bleepingcomputer
2026-07-04
CVE-2026-53359 published
The Januscape vulnerability was officially disclosed and patched in the Linux kernel.
Cybernews
2026-07-07
Public PoC released
Hyunwoo Kim published a proof-of-concept code demonstrating the exploit's impact.
Cybernews

Community

Browse all →