Patch KVM or Proxmox hosts using nested virtualization

A newly disclosed flaw, CVE-2026-53359, is also called Januscape. It affects KVM's shadow paging code when is turned on.

means running a inside another . A public PoC can make the host server crash in a reliable way.

Patched kernels are now available. If updating is not possible right away, the advised is to turn off for that are not fully trusted.

Key points

  • CVE-2026-53359 is also known as Januscape.
  • The issue affects KVM when is enabled.
  • A public PoC can crash the host server.
  • Patched kernels are already available.
  • The short-term is to disable for untrusted .
Read original