Ars Technica
Google pays $250K for Linux vulnerability allowing guest VM escapes
Wednesday, July 8, 2026
Google paid a $250,000 security bounty for a Linux vulnerability that permits guest virtual machines to escape to the host system, according to the company's vulnerability disclosure. The flaw allows untrusted users to gain root privileges. Google did not name the researcher who reported the vulnerability or specify when the issue was patched.
