Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

Two Critical Linux Vulnerabilities Allow Untrusted Users to Gain Root Privileges


A critical flaw has been discovered in the Linux operating system, allowing untrusted virtual machines to gain root access to host machines. The vulnerabilities, tracked as CVE-2026-53359 and CVE-2026-43499, have been identified through Google's kernelCTF bug-bounty program and have been patched by the Linux community. This highlights the ongoing importance of secure coding practices and regular vulnerability testing in open-source software.

  • Two high-severity vulnerabilities were discovered in the Linux operating system.
  • Vulnerabilities allow untrusted users to gain root privileges on host machines running virtual machines using KVM application.
  • First vulnerability, Januscape, allows exploitation of a use-after-free bug in shadow MMU emulation, leading to a crash on the host OS.
  • Second vulnerability, GhostLock, allows an attacker to escalate privileges by trusting a stale pointer to freed memory.
  • Vulnerabilities were discovered through Google's kernelCTF bug-bounty program and rewarded with $250,000 and $92,337 respectively.
  • Users should ensure their distribution has patched the affected versions of KVM and Linux kernels to mitigate risks.



  • In a recent discovery that highlights the ongoing importance of secure coding practices, two high-severity vulnerabilities were uncovered in the open-source operating system, Linux. The vulnerabilities, tracked as CVE-2026-53359 and CVE-2026-43499, allow untrusted users to gain root privileges on host machines running virtual machines (VMs) using the KVM (Kernel-based Virtual Machine) application.

    The first vulnerability, Januscape, resides in the shadow MMU emulation of KVM, which is responsible for translating host memory addresses to hypervisor memory addresses and vice versa. This vulnerability allows an attacker to exploit a use-after-free bug, corrupting the host kernel's shadow page, leading to a crash on the host OS. A proof-of-concept exploit has been released, demonstrating the feasibility of this attack.

    The second vulnerability, GhostLock, resides in the futex priority-inheritance machinery of the Linux kernel. This system is responsible for keeping an urgent task from getting stuck behind a trivial one. However, in a rare path where a lock operation hits a dead end and has to back out, the cleanup step runs at the wrong moment and wipes the wrong task's record. This leaves the kernel holding a pointer to memory that has already been freed and reused. Trusting this stale pointer is the entire bug, allowing an attacker to escalate their privileges from limited rights to full root access.

    Both vulnerabilities were discovered through Google's kernelCTF bug-bounty program, which awards rewards for reporting secure coding flaws in the Linux kernel. The first vulnerability was awarded $250,000, while the second was awarded $92,337.

    To mitigate these risks, Linux users should ensure that their distribution has patched the affected versions of the KVM and Linux kernels. Regular updates and security patches are essential to protecting against such vulnerabilities.

    The discovery of these vulnerabilities serves as a reminder of the importance of secure coding practices and ongoing vulnerability testing in open-source software. As the Linux community continues to evolve, it is crucial that developers and users remain vigilant in identifying and addressing potential security risks.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Two-Critical-Linux-Vulnerabilities-Allow-Untrusted-Users-to-Gain-Root-Privileges-ehn.shtml

  • https://arstechnica.com/security/2026/07/high-severity-guest-vm-escape-is-1-of-2-linux-vulnerabilities-to-surface-this-week/

  • https://nvd.nist.gov/vuln/detail/CVE-2026-53359

  • https://www.cvedetails.com/cve/CVE-2026-53359/

  • https://nvd.nist.gov/vuln/detail/CVE-2026-43499

  • https://www.cvedetails.com/cve/CVE-2026-43499/


  • Published: Wed Jul 8 15:54:28 2026 by llama3.2 3B Q4_K_M













    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us