KVM Shadow Paging Use-After-Free Exposes x86 Hosts to Guest-Triggered Memory Corruption
A use-after-free vulnerability in KVM's shadow paging code was disclosed after researchers Alexander Bulekov and Fred Griffoul of Amazon found stale reverse mappings in shadow EPT through fuzzing. The flaw affects x86 guests and is exploitable when nested virtualization is enabled on Intel or AMD processors, or when systems use shadow paging with EPT or NPT disabled. Maintainers said the bug can lead to kernel memory corruption and denial of service on the host, making it a guest-to-host risk in affected virtualization setups.
The disclosure was coordinated by Sandipan Roy, who said reporters and maintainers agreed to an embargo that ended on March 29, 2026 at 16:00 UTC. Solar Designer said the issue had first been shared with the linux-distros list on March 10, 2026 and acknowledged the embargo exceeded that list's usual 14-day limit without prior approval, though it was allowed because the overrun was moderate and multiple stakeholders were already involved. The discussion also noted that on Linux kernels 6.16 and newer, the reproducer hits a WARN introduced by commit 11d45175111d, raising questions about whether panic_on_warn could reduce exploitability.
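The two exposure conditions the story names (nested virtualization enabled, or shadow paging in use because EPT/NPT is disabled) and the panic_on_warn setting the discussion raised are all readable from the host's sysfs and procfs. The following POSIX shell script is an added, defender-side example and is not code from the Mallory story, the oss-security thread or the KVM maintainers. The kvm_intel/kvm_amd module parameter files and the panic_on_warn sysctl path are the kernel's real ones; the optional root-prefix argument and the classification labels are this script's own assumptions so it can be exercised against a constructed fake tree as well as a live host.

```shell
#!/bin/sh
# Added example (not from the page or the KVM project): classify a KVM host
# against the conditions named in the shadow-paging UAF disclosure and report
# the panic_on_warn sysctl. Optional $1 is a root prefix (assumption of this
# script) so the functions can be run against a constructed /sys and /proc tree.

read_param() {
    # Print the whitespace-trimmed content of a module parameter or sysctl
    # file, or "absent" when the file is not readable (module not loaded).
    if [ -r "$1" ]; then
        tr -d '[:space:]' < "$1"
    else
        printf 'absent'
    fi
}

is_on() {
    # kvm_intel exposes bool parameters as Y/N; kvm_amd's nested and npt
    # parameters are integers and print 1/0.
    case "$1" in
        Y|y|1) return 0 ;;
        *)     return 1 ;;
    esac
}

# Classify the host. Prints exactly one of these constructed labels:
#   exposed-nested  nested virtualization is enabled (Intel or AMD)
#   exposed-shadow  nested is off, but EPT/NPT is disabled, so shadow paging is in use
#   not-exposed     a KVM vendor module is loaded with nested off and EPT/NPT on
#   no-kvm          neither kvm_intel nor kvm_amd is loaded
kvm_exposure() {
    root="${1:-}"
    nested_intel=$(read_param "$root/sys/module/kvm_intel/parameters/nested")
    ept=$(read_param "$root/sys/module/kvm_intel/parameters/ept")
    nested_amd=$(read_param "$root/sys/module/kvm_amd/parameters/nested")
    npt=$(read_param "$root/sys/module/kvm_amd/parameters/npt")

    if [ "$nested_intel" = absent ] && [ "$nested_amd" = absent ]; then
        printf 'no-kvm'
        return 0
    fi
    if is_on "$nested_intel" || is_on "$nested_amd"; then
        printf 'exposed-nested'
        return 0
    fi
    # Only consult the two-dimensional-paging knob of the vendor module that is loaded.
    if [ "$nested_intel" != absent ] && ! is_on "$ept"; then
        printf 'exposed-shadow'
        return 0
    fi
    if [ "$nested_amd" != absent ] && ! is_on "$npt"; then
        printf 'exposed-shadow'
        return 0
    fi
    printf 'not-exposed'
}

# Report the panic_on_warn sysctl: with it set to 1 the kernel panics instead
# of continuing past a WARN such as the one the 6.16+ reproducer hits.
panic_on_warn_state() {
    read_param "${1:-}/proc/sys/kernel/panic_on_warn"
}

printf 'kvm exposure:  %s\n' "$(kvm_exposure "$@")"
printf 'panic_on_warn: %s\n' "$(panic_on_warn_state "$@")"
```

Run it without arguments on a host to see its classification; the labels are only a triage aid, since the story's fix is the maintainers' patch rather than any of these settings, and panic_on_warn trades a possibly corrupted host for a certain host reboot.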
Timeline
Mar 30, 2026
Public discussion adds exploitability and kernel 6.16 WARN details
Follow-up discussion on oss-sec said the issue was discovered through fuzzing and noted that on Linux kernel 6.16 and newer, the reproducer triggers a WARN introduced by commit 11d45175111d. Participants discussed whether panic_on_warn could reduce exploitability.
Mar 30, 2026
oss-sec discussion publicly discloses KVM shadow EPT flaw
An oss-security mailing list thread publicly described a use-after-free vulnerability in KVM's shadow paging code affecting x86 guests. The discussion said the bug is exploitable from guests with nested virtualization enabled on Intel or AMD systems, or with shadow paging when EPT or NPT is disabled, and can cause kernel memory corruption and denial of service.
Mar 29, 2026
Maintainers agree to embargo ending March 29
Sandipan Roy said the reporters and maintainers agreed to an embargo for the KVM shadow EPT stale rmap use-after-free vulnerability, with disclosure scheduled for 2026-03-29 at 16:00 UTC. Solar Designer noted this embargo exceeded the linux-distros list's usual 14-day limit but was allowed despite the policy overrun.
Mar 10, 2026
KVM shadow EPT use-after-free reported to linux-distros
Solar Designer said the KVM shadow paging use-after-free issue was first brought to the linux-distros list on 2026-03-10. The flaw had been reported by Alexander Bulekov and Fred Griffoul of Amazon.
Related Stories

Xen Advisories Disclose Linux Guest Kernel Flaws Enabling Privilege Escalation
Xen has disclosed two Linux guest kernel vulnerabilities affecting virtualized environments, warning that both issues require patching and have no known mitigations. **CVE-2026-31786** (`XSA-485`) affects Linux kernels **4.13 and later** in Xen domains through unsafe handling of the binary build ID exposed at `/sys/hypervisor/properties/buildid`. The bug uses `sprintf()` on a non-null-terminated binary value, which can trigger an out-of-bounds read and, in rare cases, a write past the 4 KB sysfs buffer, potentially leading to **information disclosure, denial of service, or privilege escalation** inside Linux Xen guests. A second advisory, **CVE-2026-31787** (`XSA-487`), describes a **double-free** flaw in the Linux **Xen `privcmd` driver** that allows a **root user in a Linux guest** to bypass kernel lockdown protections tied to secure boot. Xen said the issue affects Linux **PVH or HVM domains** on **x86 and Arm** from kernel **3.8 onward**, while PV domains and non-Linux guests are not affected. The vulnerabilities were reported by **Frediano Ziglio of XenServer** and **Atharva Vartak (@0xAth4rv)**, respectively, and Xen urged operators to apply the supplied Linux patches.
5 days ago
Xen Advisory Warns Linux `privcmd` Flaw Can Bypass Kernel Lockdown
Xen disclosed **XSA-482** for **CVE-2026-31788**, a flaw in the Linux kernel's `privcmd` driver that can let an administrator inside an unprivileged Xen guest bypass kernel lockdown protections enforced under secure boot. The bug can be abused to perform actions on the guest kernel that should be blocked in secure mode, including modifying page tables in a way that could allow user mode to alter kernel memory. The issue affects Xen **PV, PVH, and HVM** guests running Linux with secure boot enabled. Xen said BSD-based systems are believed unaffected because they do not support secure boot in this context. The vulnerability was discovered by **Teddy Astie of Vates**, no mitigation is currently known, and remediation requires applying the published Linux patch set; the latest advisory revision notes that the flaw has now been assigned **`CVE-2026-31788`**.
1 month ago
Xen Patches Cross-Guest Data Leak on AMD Zen1 CPUs
Xen disclosed **XSA-488**, a transient execution vulnerability named **Floating Point Divider State Sampling** that affects x86 deployments running on vulnerable **AMD Fam17h (Zen1)** processors. The flaw was identified by researchers from the **CISPA Helmholtz Center for Information Security**, and Xen said an attacker may be able to infer data from other execution contexts, including **other guest VMs**, creating a cross-tenant confidentiality risk for virtualized environments. According to the advisory, **all Xen versions** are affected when deployed on the impacted CPU family. Xen said **no mitigations are currently available**, but released fixes for `xen-unstable` and the supported **4.20/4.19, 4.18, and 4.17** branches, urging operators on affected hardware to apply the relevant patches to reduce exposure.
6 days ago