A security flaw has just been brought to light. Details of the ITScape KVM escape vulnerability, along with its proof-of-concept (PoC) exploit code, have been publicly disclosed. Tracked officially as CVE-2026-46316, this critical flaw threatens modern cloud infrastructure. Specifically, it targets KVM/arm64 environments, allowing untrusted guest virtual machines to break out of their isolated boundaries and attack the underlying host.
Security researcher Hyunwoo Kim (@v4bel) discovered and responsibly reported this severe issue. According to the official disclosure document, “It is a KVM escape vulnerability that lets a guest escape to the host in a KVM/arm64 environment and run commands on the host with kernel (root) privilege.” This represents a massive risk for providers operating multi-tenant arm64 public clouds. Unlike typical virtualization escapes that target user-space emulators like QEMU, the ITScape bug exists deeply within the in-kernel KVM itself. As a result, it completely bypasses standard user-space protections and operates independently of QEMU’s emulation layer.
Public PoC Release Escalates Cloud Risks
The public release of the exploit code escalates the threat level significantly for unpatched systems. The technical root cause is a dangerous race condition located specifically within the VGIC-ITS (Interrupt Translation Service) emulation. An attacker only needs basic guest-side access to trigger the ITScape KVM escape vulnerability. The security disclosure explicitly notes that “It triggers the bug with guest-side actions alone to escape to the host.” The released PoC effectively demonstrates a double-put scenario leading directly to host kernel code execution. Researchers can find the full technical breakdown and PoC repository at GitHub.
Executing this exploit successfully requires the attacker to have guest kernel (EL1) privileges to drive the necessary GIC/ITS MMIO interactions. However, in standard public cloud deployments, users natively possess root access within their newly allocated virtual machines. Therefore, this prerequisite is easily satisfied in real-world attack scenarios. Although the published PoC requires some technical adaptation for specific host kernel versions, the document warns that a fully “weaponized real-world exploit exists but is not being released.”
Immediate Mitigation for KVM/arm64 Deployments
Cloud operators and infrastructure administrators must act swiftly to defend their environments. The vulnerability affects arm64 kernel versions spanning from late April 2024 to early June 2026. Fortunately, Linux kernel maintainers have already merged a definitive patch. The fix modifies the vgic_put_irq() function so that it drops its cache reference “only on the value returned by xa_erase()”. Administrators managing arm64 KVM hosts must verify that this patch is applied to prevent guest-to-host escapes.
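The “double-put” race described above and the shape of the quoted fix can be shown with a small single-threaded model. The following is an added illustration, not code from the article, the PoC repository or the Linux kernel: the struct and function names (cache_slot, obj, release_buggy_*, release_fixed, simulate_*) are hypothetical, and a one-entry slot stands in for the xarray entry that holds the cache’s reference. The two “CPUs” are simulated by splitting the buggy release path into a check step and a commit step and interleaving them by hand, which is the ordering a real race would need.

```c
/*
 * Added illustration, not code from the article, the PoC or the Linux kernel:
 * a single-threaded model of the "double put" race pattern the article
 * describes and of the fix it quotes (drop the cache reference only on the
 * value returned by the erase). All names here (cache_slot, obj, release_*)
 * are hypothetical; the one-entry slot stands in for an xarray entry.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct obj {
    int  refcount;  /* toy counter; the kernel would use refcount_t/kref */
    bool freed;     /* set when the last reference is dropped */
};

/* One cache entry standing in for an xarray slot that holds a reference. */
struct cache_slot {
    struct obj *entry;
};

/* Non-destructive lookup, like xa_load(). */
static struct obj *slot_load(struct cache_slot *s)
{
    return s->entry;
}

/* Remove the entry and return what was there, like xa_erase(). */
static struct obj *slot_erase(struct cache_slot *s)
{
    struct obj *old = s->entry;
    s->entry = NULL;
    return old;
}

/* Drop one reference; reaching zero models the object being freed. */
static void obj_put(struct obj *o)
{
    if (--o->refcount == 0)
        o->freed = true;
}

/*
 * Buggy shape, split into the two steps a second CPU can interleave between:
 * first decide that the cache holds a reference, later erase and put
 * unconditionally.
 */
static bool release_buggy_check(struct cache_slot *s)
{
    return slot_load(s) != NULL;
}

static void release_buggy_commit(struct cache_slot *s, struct obj *o, bool saw_entry)
{
    if (saw_entry) {
        slot_erase(s);
        obj_put(o);
    }
}

/* Fixed shape: the erase is the check, so only one caller can ever put. */
static void release_fixed(struct cache_slot *s)
{
    struct obj *old = slot_erase(s);
    if (old)
        obj_put(old);
}

/* Two releasers both pass the check before either commits. Returns final refcount. */
int simulate_buggy_race(void)
{
    struct obj o = { .refcount = 1, .freed = false };   /* cache holds the only ref */
    struct cache_slot s = { .entry = &o };

    bool a_saw = release_buggy_check(&s);   /* CPU A: entry present */
    bool b_saw = release_buggy_check(&s);   /* CPU B: entry still present */
    release_buggy_commit(&s, &o, a_saw);    /* A: erase + put -> 0, object freed */
    release_buggy_commit(&s, &o, b_saw);    /* B: puts again on a freed object */
    return o.refcount;                      /* -1: the double put */
}

/* Same interleaving against the fixed shape. Returns final refcount. */
int simulate_fixed_race(void)
{
    struct obj o = { .refcount = 1, .freed = false };
    struct cache_slot s = { .entry = &o };

    release_fixed(&s);   /* erase returns &o -> exactly one put -> 0 */
    release_fixed(&s);   /* erase returns NULL -> no put */
    return o.refcount;   /* 0 */
}

int main(void)
{
    printf("buggy pattern final refcount: %d\n", simulate_buggy_race());
    printf("fixed pattern final refcount: %d\n", simulate_fixed_race());
    return 0;
}
```

The point for a reviewer or auditor is the shape of the two release paths: when the decision to drop a reference is based on a lookup made before the erase, two callers can both decide to drop it, while keying the put on the erase’s own return value makes the removal and the decision one atomic step.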