|
jeffv via plug on 7 Jul 2026 05:49:42 -0700
|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
- From: jeffv via plug <plug@lists.phillylinux.org>
- To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
- Subject: [PLUG] KVM flaw
- Date: Tue, 7 Jul 2026 08:49:35 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcastmailservice.net; s=20211018a; t=1783428577; bh=1scD5JLSq1l/8S9Sia5UVp8Vy7Sl8umw4woUKyfbEuk=; h=Received:Received:Message-ID:Date:MIME-Version:To:From:Subject: Content-Type:Xfinity-Spam-Result; b=CM7DV3tP+ahB1wwR5oRUaqKAVXTThdHibDxJHFotM8e+PdnQOmcySiQhES5h56t7Z LPfLoSDaDEYGxBdA2CjYPCb15yL4f/fm07VEDFuq1jr4egB7OZtgUPEBMwDx2IpVAX 65X7zhUnqCytaJEiR1R0jqAAeET03rjRRf4Xd54pAZ5HGrZb3G5Txg0PTqxG/dCeN6 I0CYp2n8RVsjQhI6EbqPNAptyA4cwUwe/v1nudXNHcKa4ogqdWlKihtxuQKD7NNb83 4se1Zg2KJMDSZIO6DXidK/pGdtZ1pa0Ee7g5yprfGnd3sbnoYGpeMETV3U48IUNT04 nhTPOCYaufcOQ==
- Reply-to: jeffv <jeffv@op.net>
- Sender: "plug" <plug-bounces@lists.phillylinux.org>
- User-agent: Mozilla Thunderbird
- Xfinity-graffiti: 26007360869
- Xfinity-qid: h5F1wP4JVKoQ2h5F1wzP9o
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and
AMD x86 Systems
https://thehackernews.com/2026/07/16-year-old-linux-kvm-flaw-lets-guest.html
A use-after-free bug in Linux's KVM hypervisor can be triggered from a
guest virtual machine to corrupt the shadow-page state of the host
kernel that runs it.
Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the
shadow MMU code that KVM shares across both Intel and AMD. The public
proof-of-concept panics the host; the researcher claims that a separate,
unreleased exploit turns the same bug into full host code execution.
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug