CVE-2026-53359 - KVM Guest can crash host, potentially escape to host as root

CRCinAU

Renowned Member
May 4, 2020
206
63
68
crc.id.au
https://app.opencve.io/cve/CVE-2026-53359

This won't get fixed in the 7.0.x kernel tree, but is fixed in kernel versions:

* 6.1.177
* 6.6.144
* 6.12.95
* 6.18.38
* 7.1.3
* 7.2-rc1

Reference: https://lore.kernel.org/linux-cve-announce/2026070403-CVE-2026-53359-4f57@gregkh/T

Wondering what the plan is for the proxmox host kernel given these issues?

@fabian - I see there's work going on for updates kernel packages for CVE-2026-46242 here: https://forum.proxmox.com/threads/cve-2026-46242-bad-epoll.184865/#post-860758

Roll this in as well? It might be a clean backport to 7.0.12 - but may need some updates for other fixes of late.

EDIT: Ahh, I see: https://forum.proxmox.com/threads/a...vailable-for-cve-2026-53359-januscape.184874/

Curious to know which direction is going to occur - given 7.0.x is EOL now too. Just took me too long to gather enough info and tap it all out :D
 
Last edited:
  • Like
Reactions: Stoiko Ivanov