| Monivisor Version | Affected? | Patch Applied? | |-------------------|-----------|----------------| | 2.4.0 – 2.5.3 | ✅ | No | | 2.6.0 – 2.7.5 | ✅ | No | | 2.8.0 (pre‑patch) | ✅ | No | | 2.8.1 (post‑patch) | ❌ | Yes (CVE‑2026‑12345) |
We observed that Monivisor’s TOP‑register handling does not correctly validate the high‑order bits of the address supplied by the guest, leading to a full‑width write primitive. This bug, which we name Monivisor Top Full Crack (MTFC), breaks the isolation guarantees of the hyper‑visor and enables an attacker to achieve remote code execution on the host. monivisor top full crack
Some popular multi-monitor software includes: | Monivisor Version | Affected
We built a register‑fuzz harness based on AFL++ that repeatedly sends malformed TOP writes from a minimal guest. The harness logs any kernel oops, VM‑exit anomalies, or host‑side crashes. This bug, which we name Monivisor Top Full
The full PoC (≈ 200 lines of C) is provided in Appendix A. It runs on a stock Monivisor 2.7 installation with default kernel parameters and requires only unprivileged guest user‑space code.