Mallory
Unrated

ITScape

IdentifiersCVE-2026-46316CWE-416

CVE-2026-46316, dubbed ITScape, is a guest-to-host escape vulnerability in the Linux kernel's KVM/arm64 vGIC-ITS emulation. The bug is in vgic_its_invalidate_cache(), which walks the per-ITS translation cache with xa_for_each() and drops the cache's references with vgic_put_irq(). Under concurrent cache invalidation, the code drops the reference for the pointer it iterated over rather than only for the entry it actually removed with xa_erase(). Because xa_erase() is atomic and several invalidation paths can run concurrently under different locking contexts, two walkers can observe the same entry, and the same cache-held reference can be dropped more than once. This double put can free an IRQ translation entry while an ITE still maps it, giving a use-after-free in in-kernel KVM on arm64. Public reporting and PoC material indicate the condition can be triggered from the guest and exploited for guest escape to host kernel code execution.


ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation breaks guest/host isolation in KVM/arm64 environments. Public disclosure and PoC reporting indicate that an untrusted guest VM can go from control of the guest to command execution on the host with kernel privileges, i.e. full host compromise from the guest context. At minimum, the use-after-free yields host kernel memory corruption and instability, which is a denial of service against every guest on that host; in the demonstrated case it yields guest-to-host escape with root-level execution on the host. This is most severe for multi-tenant arm64 cloud environments that run untrusted guests on unpatched hosts.

Mitigation

If you can’t patch tonight, do this now.

Until patched kernels are deployed, reduce exposure by keeping untrusted tenants and workloads off affected KVM/arm64 hosts, especially in multi-tenant environments. Where possible, restrict the creation and execution of arm64 guest VMs on vulnerable hosts and do not colocate mutually untrusted workloads. Because the flaw is in in-kernel KVM rather than in QEMU's user-space emulation and is triggered by guest-side actions, hardening the VMM process (seccomp filters, sandboxing, dropping privileges) does not mitigate it: the vulnerable code runs in the host kernel on the guest's behalf. If operationally feasible, disable or avoid the affected arm64 KVM virtualization paths until fixed kernels are installed.

Remediation

Patch, then assume compromise.

Apply the upstream Linux kernel fix that changes vgic_its_invalidate_cache() to drop the cache reference only for the entry actually returned by xa_erase(), so that each cache-held reference is released exactly once even under concurrent invalidation. The content identifies the mainline fix as commit 13031fb6b8357fbbcded2a7f4cba73e4781ee594. The disclosure also recommends applying the related follow-on patches, commit 70543358fa08e0f7cebc3447c3b70fe97ad7aaa8 (associated with CVE-2026-46317) and commit f2ca45b50d4216c9cc7ffabf50d9ad1932209251. Upgrade to a vendor kernel release that includes these fixes, and confirm the fix by checking the vendor changelog for these commit IDs or the CVE rather than relying on the kernel version string alone, since distributions backport fixes to older version numbers. Because exploitation yields host kernel execution, any host that ran untrusted guests while unpatched should be treated as potentially compromised.
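The description and remediation above explain the defect in prose: the walker puts the pointer it iterated over instead of the pointer its own xa_erase() returned, so two concurrent invalidations can drop one cache reference twice. The following is an added userspace model of that refcounting logic, not the kernel's code and not material from the disclosure. It assumes each entry is held twice (once by an ITE mapping, once by the cache) and stands in for the concurrent invalidation with a deterministic interleaving point; the names irq_entry, trans_cache, put_irq, cache_erase and the walker functions are stand-ins, not kernel identifiers.

```c
/* Added illustration (userspace model, not kernel code): why putting the iterated
 * pointer instead of the pointer returned by the atomic erase double-puts a cache
 * reference when two invalidations race. All names below are stand-ins. */
#include <stdatomic.h>
#include <stdio.h>

#define CACHE_SLOTS 4

/* Stand-in for struct vgic_irq: a refcount plus a flag that records a free. */
struct irq_entry {
    atomic_int refcount;
    int freed;
};

/* Stand-in for the per-ITS xarray: each slot is an atomically swapped pointer. */
struct trans_cache {
    struct irq_entry *_Atomic slot[CACHE_SLOTS];
};

typedef void (*race_fn)(struct trans_cache *);
typedef int (*invalidate_fn)(struct trans_cache *, race_fn);

/* Models vgic_put_irq(): the put that reaches zero frees the object. The ITE
 * mapping never drops its reference in this model, so any free is a
 * free-while-still-mapped, i.e. the use-after-free condition. */
static void put_irq(struct irq_entry *irq)
{
    if (atomic_fetch_sub(&irq->refcount, 1) == 1)
        irq->freed = 1;                 /* kfree() in the kernel */
}

/* Models xa_erase(): atomically detach the slot and return what was there
 * (NULL when another invalidation already emptied it). */
static struct irq_entry *cache_erase(struct trans_cache *c, int i)
{
    return atomic_exchange(&c->slot[i], (struct irq_entry *)NULL);
}

/* Buggy shape described in the advisory: walk the cache, erase, then put the
 * iterated pointer whether or not this walker was the one that erased it. */
static int invalidate_buggy(struct trans_cache *c, race_fn race)
{
    int puts = 0;
    for (int i = 0; i < CACHE_SLOTS; i++) {
        struct irq_entry *irq = atomic_load(&c->slot[i]);  /* what the walk yields */
        if (!irq)
            continue;
        if (race)
            race(c);                    /* a concurrent invalidation runs here */
        cache_erase(c, i);              /* return value ignored */
        put_irq(irq);                   /* may be the second put of this reference */
        puts++;
    }
    return puts;
}

/* Fixed shape: only the walker whose erase returned non-NULL owns the cache
 * reference, so each reference is dropped exactly once. */
static int invalidate_fixed(struct trans_cache *c, race_fn race)
{
    int puts = 0;
    for (int i = 0; i < CACHE_SLOTS; i++) {
        struct irq_entry *irq = atomic_load(&c->slot[i]);
        if (!irq)
            continue;
        if (race)
            race(c);
        irq = cache_erase(c, i);        /* NULL if the other walker won */
        if (irq) {
            put_irq(irq);
            puts++;
        }
    }
    return puts;
}

/* The concurrent invalidation: a second, correctly written walker. */
static void concurrent_invalidate(struct trans_cache *c)
{
    invalidate_fixed(c, NULL);
}

/* Builds CACHE_SLOTS entries each held twice (ITE mapping + cache; an assumed
 * count for illustration), runs one walker with an optional interleaved
 * concurrent walker, and returns how many entries were freed while still mapped. */
static int run_invalidate(invalidate_fn walker, int with_race)
{
    struct trans_cache c;
    struct irq_entry irqs[CACHE_SLOTS];

    for (int i = 0; i < CACHE_SLOTS; i++) {
        atomic_init(&irqs[i].refcount, 2);
        irqs[i].freed = 0;
        atomic_init(&c.slot[i], &irqs[i]);
    }
    walker(&c, with_race ? concurrent_invalidate : NULL);

    int freed = 0;
    for (int i = 0; i < CACHE_SLOTS; i++)
        freed += irqs[i].freed;
    return freed;
}

int main(void)
{
    printf("buggy, no race:   %d freed while mapped\n", run_invalidate(invalidate_buggy, 0));
    printf("buggy, with race: %d freed while mapped\n", run_invalidate(invalidate_buggy, 1));
    printf("fixed, with race: %d freed while mapped\n", run_invalidate(invalidate_fixed, 1));
    return 0;
}
```

Without a concurrent walker the buggy version is harmless, which is why the bug survives single-threaded testing; with the interleaving it frees the first entry while the ITE mapping still holds it, while the fixed version puts nothing because its own erase returned NULL.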
PUBLIC EXPLOITS

Exploits

No public exploit code is tracked for this vulnerability yet, although the public reporting cited above references PoC material; treat the vulnerability as exploitable.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors correlated with this vulnerability.

Vendor   Product        Type
Linux    Linux Kernel   operating_system

Vendor-confirmed product mapping.
