Linux bug dormant for 16 years can cause a VM escape | news
Linux bug dormant for 16 years can cause a VM escape | news
https://www.scworld.com/news/16-year-old-linux-bug-can-cause-a-vm-escape
Publish Date: 2026-07-07 15:28:00
Source Domain: www.scworld.com
A recently disclosed Linux kernel bug known as Januscape that was dormant for 16 years can let attackers execute a virtual machine (VM) escape in which the attacker breaks out of an isolated guest VM and can take over a hypervisor.Security researcher Hyunwoo Kim demonstrated the vulnerability as a zero-day exploit by triggering a “use-after-free” error in the shadow MMU code of the Linux KVM hypervisor.Security pros were concerned about this case because a VM escape shatters the fundamental security model of virtualization: it can let attackers steal data, manipulate the host, or compromise other VMs running on the same server. It’s also important to note that the bug can be executed on both Intel and AMD architectures. “A VM escape allows an attacker to break out of a guest environment and compromise the host system,” said Jason Soroko, a senior fellow at Sectigo. “This threatens multi-tenant cloud architectures because a single compromised instance can grant root privileges over the server. Attackers can then crash the host kernel to cause a Denial-of-Service or execute code to gain control over every virtual machine running on that hardware.”Robert Coles, senior cybersecurity engineer at Black Duck, said VM escapes get so much attention because they break one of the core assumptions virtualization is built on: containment.Coles explained in most cases, if an attacker compromises a VM, the damage stops there, but a VM escape changes that.“Once an attacker reaches the hypervisor, they’re no longer attacking a single workload — they potentially have access to the infrastructure supporting multiple workloads,” said Coles. “That’s why hypervisor compromises are considered some of the highest-impact vulnerabilities in cloud environments.”Coles pointed out that a patch is now available. Any organization running KVM should identify affected hosts, apply the updates, and review any environments exposing nested virtualization, particularly in…
Source