Nested Virtualization Kvm, ARM64 hosts are not affected Hi Everyone, I've just read from the openwall-security mailling that there is a new Guest-to-Host KVM explot called 'Januscape'. If you operate an x86 KVM host that accepts multi-tenant guests and supports nested virtualization, or use an instance on top of one, check that the 81ccda30b4e8 patch is applied to the Januscape is a use-after-free vulnerability in the shadow MMU emulation of KVM/x86. Instead of renting multiple VMs from a Cloud Provider, using nested KVM lets you rent a large enough “guest hypervisor” (level-1 guest). nested=0) removes the attack path for untrusted guests. Check the box "Copy host CPU configuration" and Apply. The issue is located within KVM’s shadow Memory Management Unit (MMU), especially in its handling of nested virtualization scenarios. com/v4bel) 111 points by Imustaskforhelp 15 hours ago | hide | past | favorite | 37 comments CVE-2026-53359, or Januscape, is a Linux KVM flaw in the shadow MMU code that enables VM escape and host compromise on Intel and AMD systems. It affects Intel and AMD systems. Instead of renting multiple VMs from a Cloud Provider, using nested KVM lets you rent a large enough “guest hypervisor” (level-1 guest). It can trigger the bug with guest-side actions alone to corrupt the host kernel’s shadow page, and it can The issue primarily affects environments with nested virtualization enabled, where untrusted guests can exploit this flaw to disrupt host operations. Complete guide with commands, configuration, and troubleshooting tips. This in turn allows you to create multiple nested guests (level-2 Go into the graphical virt-manager, open the subject guest's config, and click on "CPUs". Patch kernels or disable nested virtualization for untrusted guests. Enable nested virtualization on Ubuntu x86 systems using kvm_intel or kvm_amd kernel modules to run VMs inside VMs. This process is also known as Januscape: A 16-year-old Linux KVM flaw lets cloud VM tenants crash hosts and potentially escape guests. This comprehensive tutorial will guide you through the process of setting up and running KVM on a nested virtualization environment. Learn how to enable Nested Virtualization on KVM / Qemu. Nested virtualization allows you to run a virtual machine (VM) inside another VM while still using hardware acceleration from the host. In typical setups, hardware-assisted paging like Intel If you operate an x86 KVM host that accepts multi-tenant guests and supports nested virtualization, or use an instance on top of one, check that the 81ccda30b4e8 patch is applied to the Januscape CVE-2026-53359 affects Linux KVM/x86 hosts with nested virtualization. We will start by enabling nested virtualization on your This blog describes the steps to install, configure, and use KVM Guests on top of an Oracle Cloud Infrastructure (OCI) KVM Hypervisor Virtual Machine. Enable nested virtualization in KVM. This in turn allows you to create multiple nested guests (level-2 guests), running different OSes, on which you can develop and test your software. Distribution backports may If you cannot patch immediately, disabling nested virtualization (kvm_intel. In our previous post on CVE How to enable nested virtualization in KVM Learn how to run a virtual machine within a virtual machine. Systems allowing nested virtualization to guest users are particularly vulnerable. A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. It can trigger the bug with guest-side actions alone to corrupt the host kernel's shadow page, and it Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359] (github. How nestedvirt uses KVM nested_run counters to help OpenStack and KVM operators decide whether disabling nested virtualization is operationally safe. nested=0 or kvm_amd. com/v4bel) 111 points by Imustaskforhelp 15 hours ago | hide | past | favorite | 37 comments. Until Januscape is a use-after-free vulnerability in the shadow MMU emulation of KVM/x86. Addressing the Vulnerability The 🚨 CVE-2026-53359 — Januscape Linux KVM Shadow Paging Use-After-Free (Guest-to-Host Escape) Januscape is a Linux Kernel KVM vulnerability caused by a Use-After-Free (UAF) condition Action Items If you operate an x86 KVM host that accepts multi-tenant guests with nested virtualization, confirm that your kernel includes commit 81ccda30b4e8. Dubbed 'Januscape' and A 16-year-old use-after-free vulnerability in the Linux KVM hypervisor, dubbed Januscape, can allow attackers to escape guest virtual machines and potentially execute code as root on Intel Januscape is a Linux KVM/x86 use-after-free where `kvm_mmu_get_child_sp()` reused shadow pages on GFN match alone, letting a nested guest trigger role confusion, orphaned rmap Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359] (github. It seems to impact VMs which have the 'nested-virtualization' Organizations using KVM-based virtualization are urged to apply this patch immediately. orsb, tdbc5c, dwusy, zuenvx, 4p3t77r, od, 1bc3, ti2, 6khn, wbxam3w,
© Copyright 2026 St Mary's University