A Linux kernel vulnerability tracked as CVE-2026-53359 and named Januscape allows an attacker to escape a virtual machine and execute arbitrary code on the underlying host. The flaw, disclosed by security researcher Hyunwoo Kim, resided in the shadow MMU emulation code of the KVM/x86 hypervisor and went undetected for approximately 16 years before being patched in mainline Linux on June 19, 2026, via commit 81ccda30b4e8.

Technical Details

Januscape is a use-after-free vulnerability that can be triggered from inside a guest VM to corrupt the shadow page state of the host kernel. Successful exploitation requires root privileges within the guest, which is the default configuration for VM instances on major public cloud providers. Kim describes it as the first KVM exploit demonstrated to work reliably on both Intel and AMD x86 architectures, rather than being limited to a single processor platform.

On certain Linux distributions where /dev/kvm is world-writable, including Red Hat Enterprise Linux (RHEL), unprivileged local attackers can also exploit the flaw to escalate privileges to root without needing guest administrator access.

Impact and Exploitation Scenarios

The practical consequences for multi-tenant cloud environments are significant. An attacker renting a single cloud instance could:

  • Panic the host kernel, forcing an outage for every other tenant VM on the same physical server (denial of service).
  • Execute code as root on the host and take over all guest VMs running on it (remote code execution).

Kim demonstrated Januscape as a zero-day in Google’s kvmCTF vulnerability reward program, which offers up to $250,000 for full VM escape submissions. Kim published a technical write-up and a proof-of-concept capable of triggering a host kernel panic, but stated a full guest-to-host escape exploit will not be released for the foreseeable future.

Chaining with Dirty Frag

Attackers who do not already hold guest root access could chain Januscape with Dirty Frag, a Linux local privilege escalation vulnerability Kim disclosed in May 2026. Dirty Frag chains two separate page-cache write vulnerabilities (CVE-2026-43284 and CVE-2026-43500) to gain root on distributions including Ubuntu, RHEL, CentOS Stream, and Fedora. Combining the two flaws provides a path from an unprivileged guest session to full host compromise.

Recommended Action

Administrators running KVM/x86 hosts that accept multi-tenant guest workloads should verify that commit 81ccda30b4e8 has been applied to the host kernel. Distributions shipping updated kernels that include this patch are protected; those that have not yet applied the fix remain exposed to both the denial-of-service and code execution scenarios described above.