Google Awards $250K for Linux Kernel Vulnerability Allowing Guest VM Escape via KVM
Tags Security · Infrastructure · Enterprise · OSS
Google's Vulnerability Reward Program paid $250,000 for a Linux kernel vulnerability (CVE-2026-XXXX) in the KVM subsystem that allows a malicious guest VM to escape to the host kernel. The flaw resides in the memory management unit (MMU) notifier handling during page fault processing, where improper reference counting enables a use-after-free condition. The researcher demonstrated a proof-of-concept achieving host kernel code execution from an unprivileged guest. The patch has been merged upstream and backported to stable kernels 6.1.x, 6.6.x, and 6.12.x.
Technical significance
This is the highest VRP payout for a Linux kernel bug to date, reflecting the severity of guest-to-host escape in multi-tenant cloud environments. The vulnerability affects all KVM-based hypervisors (Google Cloud, AWS Nitro, Azure, on-prem OpenStack) and requires only an unprivileged guest. Cloud providers must patch host kernels urgently; the backport to three stable branches indicates widespread exposure. For security teams, this underscores that virtualization boundary bugs remain a critical attack surface — hardware isolation (SEV-SNP, TDX) mitigates but does not eliminate the risk when the VMM itself is compromised.