Firecracker
CVE-2026-5747
HIGH
Severity by source
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
An out-of-bounds write issue in the virtio PCI transport in Amazon Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue configuration registers after device activation. Achieving code execution on the host requires additional preconditions, such as the use of a custom guest kernel or specific snapshot configurations.
To remediate this, users should upgrade to Firecracker 1.14.4 or 1.15.1 and later.
AnalysisAI
Memory corruption in Amazon Firecracker's virtio PCI transport (versions 1.13.0-1.14.3, 1.15.0) enables guest root users to crash the host VMM process or achieve host code execution through malicious virtio queue register modifications post-device activation. Affects x86_64 and aarch64 architectures. While exploitation requires guest root privileges and high attack complexity (CVSS AC:H, PR:H), successful compromise breaches VM isolation boundaries with high impact to host confidentiality, integrity, and availability (CVSS 8.7). No public exploit identified at time of analysis; vendor-released patches available in versions 1.14.4 and 1.15.1.
Technical ContextAI
This vulnerability exploits the virtio paravirtualization framework, specifically the PCI transport layer that manages I/O between guest VMs and the Firecracker VMM hypervisor. The out-of-bounds write (CWE-369: Divide By Zero mapping appears incorrect; likely CWE-787: Out-of-bounds Write based on description) occurs when a malicious guest manipulates virtio queue configuration registers after device activation. In normal operation, virtio devices follow a strict state machine where configuration occurs before activation; this flaw allows post-activation reconfiguration to write beyond allocated memory boundaries. Firecracker is Amazon's lightweight KVM-based microVM manager designed for serverless and container workloads, making VM escape vulnerabilities particularly critical in multi-tenant cloud environments. The vulnerability affects the core memory safety of the Rust-based VMM process running on the host, potentially allowing arbitrary code execution that completely breaks the VM isolation model.
RemediationAI
Upgrade immediately to Firecracker version 1.14.4 (for 1.13.x-1.14.x users) or 1.15.1 (for 1.15.0 users) or later versions. Release artifacts available at https://github.com/firecracker-microvm/firecracker/releases/tag/v1.14.4 and https://github.com/firecracker-microvm/firecracker/releases/tag/v1.15.1. No workarounds are documented; patching is the only effective mitigation. Organizations unable to patch immediately should restrict Firecracker deployments to trusted workloads only and avoid running untrusted guest kernels or snapshot configurations. Review security advisory at https://github.com/firecracker-microvm/firecracker/security/advisories/GHSA-776c-mpj7-jm3r for additional vendor guidance and impact assessment details.
More in Firecracker
View allFirecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. Rated critical severity (CVSS 9.8), this
In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage w
Firecracker contains a vulnerability that allows attackers to a local host user with write access to the pre-created jai
In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic.
Same weakness CWE-369 – Divide By Zero
View allSame technique Buffer Overflow
View allVendor StatusVendor
SUSE
Severity: High| Product | Status |
|---|---|
| openSUSE Tumbleweed | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today