#linux-kernel
6 stories taggedlinux-kernel.

16-Year-Old Linux Bug Lets Attackers Escape Virtual Machines on Intel and AMD
Researcher Hyunwoo Kim's 'Januscape' flaw (CVE-2026-53359) sat in KVM for over a decade and threatens shared cloud servers at Google Cloud, AWS and beyond.

A 16-Year-Old Flaw in Linux's Virtual Machine Engine Lets Guests Break Into Their Host
Januscape (CVE-2026-53359) sits in shared code used on both Intel and AMD servers, and a public demo already crashes the host machine.

Linux act_pedit OOB Write Poisons Page Cache, Hands Local Users Root
CVE-2026-46331 weaponizes a traffic-control bug to overwrite cached binaries. Working PoC dropped a day after disclosure.

DirtyClone: New DirtyFrag-Family Kernel Bug Hands Local Users Root
CVE-2026-43503 (CVSS 8.8) corrupts file-backed memory through a cloned skb. A working PoC is now public.

Public Exploit Drops for nf_tables UAF: CVE-2026-23111 Gives Local Root, Container Escape
Exodus Intelligence published a full walkthrough four months after the upstream patch. The kernel bug is a one-liner. The exploit is not.

CIFSwitch: Linux Kernel Key-Handling Bug Hands Out Root Across Major Distros
A local privilege escalation in the kernel's CIFS authentication path lets an unprivileged user forge key descriptions and walk away with root.