Search criteria
12 vulnerabilities found for firecracker by amazon
FKIE_CVE-2026-1386
Vulnerability from fkie_nvd - Published: 2026-01-23 21:15 - Updated: 2026-01-30 16:57
Severity ?
Summary
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges.
To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | firecracker | * | |
| amazon | firecracker | 1.14.0 | |
| amazon | firecracker | 1.14.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:firecracker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5711475-1683-4678-A801-CEE4DD77C20E",
"versionEndExcluding": "1.13.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:firecracker:1.14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C1831DAD-F5BB-42AF-8CD4-EA9CD67C1247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:firecracker:1.14.0:dev:*:*:*:*:*:*",
"matchCriteriaId": "0067E934-76C2-4FE3-AA7E-9BD7C8C98135",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. \n\nTo mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above."
}
],
"id": "CVE-2026-1386",
"lastModified": "2026-01-30T16:57:56.657",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"type": "Secondary"
}
]
},
"published": "2026-01-23T21:15:51.397",
"references": [
{
"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"tags": [
"Vendor Advisory"
],
"url": "https://aws.amazon.com/security/security-bulletins/2026-003-AWS/"
},
{
"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"tags": [
"Release Notes",
"Product"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v1.13.2"
},
{
"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"tags": [
"Release Notes",
"Product"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v1.14.1"
},
{
"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/security/advisories/GHSA-36j2-f825-qvgc"
}
],
"sourceIdentifier": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-61"
}
],
"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"type": "Secondary"
}
]
}
FKIE_CVE-2020-27174
Vulnerability from fkie_nvd - Published: 2020-10-16 05:15 - Updated: 2024-11-21 05:20
Severity ?
Summary
In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2020/10/23/1 | Third Party Advisory | |
| cve@mitre.org | https://github.com/firecracker-microvm/firecracker/issues/2177 | Third Party Advisory | |
| cve@mitre.org | https://github.com/firecracker-microvm/firecracker/pull/2178 | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/firecracker-microvm/firecracker/pull/2179 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2020/10/23/1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/firecracker-microvm/firecracker/issues/2177 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/firecracker-microvm/firecracker/pull/2178 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/firecracker-microvm/firecracker/pull/2179 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | firecracker | * | |
| amazon | firecracker | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:firecracker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2097E568-0639-495D-A157-BE1E429CF09C",
"versionEndExcluding": "0.21.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:firecracker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8839BF50-88C4-4FD3-95D7-B5B74C5104DA",
"versionEndExcluding": "0.22.1",
"versionStartIncluding": "0.22.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host."
},
{
"lang": "es",
"value": "En Amazon AWS Firecracker versiones anteriores a 0.21.3 y versiones 0.22.x anteriores a 0.22.1, el b\u00fafer de la consola serial puede aumentar su uso de memoria sin l\u00edmite cuando los datos son enviados a la entrada est\u00e1ndar.\u0026#xa0;Esto puede resultar en una p\u00e9rdida de memoria en el subproceso (hilo) de emulaci\u00f3n microVM, posiblemente ocupando m\u00e1s memoria de la prevista en el host"
}
],
"id": "CVE-2020-27174",
"lastModified": "2024-11-21T05:20:49.117",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-16T05:15:11.830",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2177"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2178"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2179"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-16843
Vulnerability from fkie_nvd - Published: 2020-08-04 20:15 - Updated: 2024-11-21 05:07
Severity ?
Summary
In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2020/08/13/1 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://github.com/firecracker-microvm/firecracker/issues/2057 | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.openwall.com/lists/oss-security/2020/08/13/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2020/08/13/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/firecracker-microvm/firecracker/issues/2057 | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2020/08/13/1 | Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | firecracker | 0.20.0 | |
| amazon | firecracker | 0.21.0 | |
| amazon | firecracker | 0.21.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:firecracker:0.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2596FA38-A71A-4CFF-8F3A-943A5E7DDBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:firecracker:0.21.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7BC5BDF-70BF-4E81-B0AC-FC94F0AFC8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:firecracker:0.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E005C187-CEFB-420B-B1B7-1320B8F6D10E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered."
},
{
"lang": "es",
"value": "En Firecracker versiones 0.20.x anteriores a 0.20.1 y versiones 0.21.x anteriores a 0.21.2, la pila de red puede congelarse bajo tr\u00e1fico de entrada pesado. Esto puede resultar en una denegaci\u00f3n de servicio en el microVM cuando es configurado con una \u00fanica interfaz de red, y un problema de disponibilidad para la interfaz de red de microVM en la cual el problema es desencadenado"
}
],
"id": "CVE-2020-16843",
"lastModified": "2024-11-21T05:07:15.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-04T20:15:12.430",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/08/13/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2057"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/08/13/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/08/13/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/08/13/1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-18960
Vulnerability from fkie_nvd - Published: 2019-12-11 13:15 - Updated: 2024-11-21 04:33
Severity ?
Summary
Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | firecracker | 0.18.0 | |
| amazon | firecracker | 0.19.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:firecracker:0.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27A5DF1A-483D-4FD6-BA01-8E96052DBD35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:firecracker:0.19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A245BDA9-88AD-421A-9D2D-D4C09F0FF2AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes."
},
{
"lang": "es",
"value": "Una implementaci\u00f3n desbordamiento de b\u00fafer de Firecracker vsock versiones 0.18.0 y 0.19.0. Esto puede resultar en bloqueos potencialmente explotables."
}
],
"id": "CVE-2019-18960",
"lastModified": "2024-11-21T04:33:55.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-11T13:15:11.827",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/10/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/11/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/1462"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.18.1"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.19.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/10/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/11/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/1462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.18.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.19.1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2026-1386 (GCVE-0-2026-1386)
Vulnerability from cvelistv5 – Published: 2026-01-23 20:25 – Updated: 2026-01-23 20:38
VLAI?
Title
Arbitrary Host File Overwrite via Symlink in Firecracker Jailer
Summary
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges.
To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Severity ?
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AWS | Firecracker |
Unaffected:
1.13.2
Unaffected: 1.14.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1386",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-23T20:32:52.825461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-23T20:33:17.735Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Firecracker",
"vendor": "AWS",
"versions": [
{
"status": "unaffected",
"version": "1.13.2"
},
{
"status": "unaffected",
"version": "1.14.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. \u003c/p\u003e\u003cp\u003eTo mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.\u003c/p\u003e"
}
],
"value": "A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. \n\nTo mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above."
}
],
"impacts": [
{
"capecId": "CAPEC-132",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-132: Symlink Attack"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-23T20:38:50.592Z",
"orgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"shortName": "AMZN"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://aws.amazon.com/security/security-bulletins/2026-003-AWS/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v1.14.1"
},
{
"tags": [
"patch"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v1.13.2"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/security/advisories/GHSA-36j2-f825-qvgc"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary Host File Overwrite via Symlink in Firecracker Jailer",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"assignerShortName": "AMZN",
"cveId": "CVE-2026-1386",
"datePublished": "2026-01-23T20:25:02.188Z",
"dateReserved": "2026-01-23T20:11:49.349Z",
"dateUpdated": "2026-01-23T20:38:50.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-27174 (GCVE-0-2020-27174)
Vulnerability from cvelistv5 – Published: 2020-10-16 04:06 – Updated: 2024-08-04 16:11
VLAI?
Summary
In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:11:35.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2177"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2179"
},
{
"name": "[oss-security] 20201023 CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount of memory",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-23T14:06:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2177"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2179"
},
{
"name": "[oss-security] 20201023 CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount of memory",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-27174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/firecracker-microvm/firecracker/issues/2177",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/issues/2177"
},
{
"name": "https://github.com/firecracker-microvm/firecracker/pull/2178",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/pull/2178"
},
{
"name": "https://github.com/firecracker-microvm/firecracker/pull/2179",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/pull/2179"
},
{
"name": "[oss-security] 20201023 CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount of memory",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-27174",
"datePublished": "2020-10-16T04:06:54",
"dateReserved": "2020-10-16T00:00:00",
"dateUpdated": "2024-08-04T16:11:35.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16843 (GCVE-0-2020-16843)
Vulnerability from cvelistv5 – Published: 2020-08-04 19:39 – Updated: 2024-08-04 13:45
VLAI?
Summary
In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:45:33.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2057"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/08/13/1"
},
{
"name": "[oss-security] 20200813 CVE-2020-16843: Firecracker v0.20.0, v0.21.0 and v0.21.1 network stack can freeze under heavy ingress traffic",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/08/13/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-13T14:06:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2057"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/08/13/1"
},
{
"name": "[oss-security] 20200813 CVE-2020-16843: Firecracker v0.20.0, v0.21.0 and v0.21.1 network stack can freeze under heavy ingress traffic",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/08/13/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/firecracker-microvm/firecracker/issues/2057",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/issues/2057"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/08/13/1",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/08/13/1"
},
{
"name": "[oss-security] 20200813 CVE-2020-16843: Firecracker v0.20.0, v0.21.0 and v0.21.1 network stack can freeze under heavy ingress traffic",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/08/13/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16843",
"datePublished": "2020-08-04T19:39:04",
"dateReserved": "2020-08-04T00:00:00",
"dateUpdated": "2024-08-04T13:45:33.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18960 (GCVE-0-2019-18960)
Vulnerability from cvelistv5 – Published: 2019-12-11 12:25 – Updated: 2024-08-05 02:02
VLAI?
Summary
Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/10/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/1462"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.19.1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.18.1"
},
{
"name": "[oss-security] 20220911 Re: CVE-2019-18960: Firecracker v0.18.0 and v0.19.0 vsock buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/11/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-11T20:06:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/10/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/1462"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.19.1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.18.1"
},
{
"name": "[oss-security] 20220911 Re: CVE-2019-18960: Firecracker v0.18.0 and v0.19.0 vsock buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/11/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/firecracker-microvm/firecracker/releases",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/releases"
},
{
"name": "http://www.openwall.com/lists/oss-security/2019/12/10/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2019/12/10/1"
},
{
"name": "https://github.com/firecracker-microvm/firecracker/issues/1462",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/issues/1462"
},
{
"name": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.19.1",
"refsource": "CONFIRM",
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.19.1"
},
{
"name": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.18.1",
"refsource": "CONFIRM",
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.18.1"
},
{
"name": "[oss-security] 20220911 Re: CVE-2019-18960: Firecracker v0.18.0 and v0.19.0 vsock buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/09/11/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18960",
"datePublished": "2019-12-11T12:25:02",
"dateReserved": "2019-11-14T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-1386 (GCVE-0-2026-1386)
Vulnerability from nvd – Published: 2026-01-23 20:25 – Updated: 2026-01-23 20:38
VLAI?
Title
Arbitrary Host File Overwrite via Symlink in Firecracker Jailer
Summary
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges.
To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Severity ?
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AWS | Firecracker |
Unaffected:
1.13.2
Unaffected: 1.14.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1386",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-23T20:32:52.825461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-23T20:33:17.735Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Firecracker",
"vendor": "AWS",
"versions": [
{
"status": "unaffected",
"version": "1.13.2"
},
{
"status": "unaffected",
"version": "1.14.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. \u003c/p\u003e\u003cp\u003eTo mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.\u003c/p\u003e"
}
],
"value": "A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. \n\nTo mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above."
}
],
"impacts": [
{
"capecId": "CAPEC-132",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-132: Symlink Attack"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-23T20:38:50.592Z",
"orgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"shortName": "AMZN"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://aws.amazon.com/security/security-bulletins/2026-003-AWS/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v1.14.1"
},
{
"tags": [
"patch"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v1.13.2"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://github.com/firecracker-microvm/firecracker/security/advisories/GHSA-36j2-f825-qvgc"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary Host File Overwrite via Symlink in Firecracker Jailer",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"assignerShortName": "AMZN",
"cveId": "CVE-2026-1386",
"datePublished": "2026-01-23T20:25:02.188Z",
"dateReserved": "2026-01-23T20:11:49.349Z",
"dateUpdated": "2026-01-23T20:38:50.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-27174 (GCVE-0-2020-27174)
Vulnerability from nvd – Published: 2020-10-16 04:06 – Updated: 2024-08-04 16:11
VLAI?
Summary
In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:11:35.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2177"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2179"
},
{
"name": "[oss-security] 20201023 CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount of memory",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-23T14:06:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2177"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/pull/2179"
},
{
"name": "[oss-security] 20201023 CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount of memory",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-27174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/firecracker-microvm/firecracker/issues/2177",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/issues/2177"
},
{
"name": "https://github.com/firecracker-microvm/firecracker/pull/2178",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/pull/2178"
},
{
"name": "https://github.com/firecracker-microvm/firecracker/pull/2179",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/pull/2179"
},
{
"name": "[oss-security] 20201023 CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount of memory",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-27174",
"datePublished": "2020-10-16T04:06:54",
"dateReserved": "2020-10-16T00:00:00",
"dateUpdated": "2024-08-04T16:11:35.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16843 (GCVE-0-2020-16843)
Vulnerability from nvd – Published: 2020-08-04 19:39 – Updated: 2024-08-04 13:45
VLAI?
Summary
In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:45:33.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2057"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/08/13/1"
},
{
"name": "[oss-security] 20200813 CVE-2020-16843: Firecracker v0.20.0, v0.21.0 and v0.21.1 network stack can freeze under heavy ingress traffic",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/08/13/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-13T14:06:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/2057"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/08/13/1"
},
{
"name": "[oss-security] 20200813 CVE-2020-16843: Firecracker v0.20.0, v0.21.0 and v0.21.1 network stack can freeze under heavy ingress traffic",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/08/13/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/firecracker-microvm/firecracker/issues/2057",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/issues/2057"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/08/13/1",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/08/13/1"
},
{
"name": "[oss-security] 20200813 CVE-2020-16843: Firecracker v0.20.0, v0.21.0 and v0.21.1 network stack can freeze under heavy ingress traffic",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/08/13/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16843",
"datePublished": "2020-08-04T19:39:04",
"dateReserved": "2020-08-04T00:00:00",
"dateUpdated": "2024-08-04T13:45:33.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18960 (GCVE-0-2019-18960)
Vulnerability from nvd – Published: 2019-12-11 12:25 – Updated: 2024-08-05 02:02
VLAI?
Summary
Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/10/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/1462"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.19.1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.18.1"
},
{
"name": "[oss-security] 20220911 Re: CVE-2019-18960: Firecracker v0.18.0 and v0.19.0 vsock buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/11/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-11T20:06:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/10/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/firecracker-microvm/firecracker/issues/1462"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.19.1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.18.1"
},
{
"name": "[oss-security] 20220911 Re: CVE-2019-18960: Firecracker v0.18.0 and v0.19.0 vsock buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/09/11/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/firecracker-microvm/firecracker/releases",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/releases"
},
{
"name": "http://www.openwall.com/lists/oss-security/2019/12/10/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2019/12/10/1"
},
{
"name": "https://github.com/firecracker-microvm/firecracker/issues/1462",
"refsource": "MISC",
"url": "https://github.com/firecracker-microvm/firecracker/issues/1462"
},
{
"name": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.19.1",
"refsource": "CONFIRM",
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.19.1"
},
{
"name": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.18.1",
"refsource": "CONFIRM",
"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v0.18.1"
},
{
"name": "[oss-security] 20220911 Re: CVE-2019-18960: Firecracker v0.18.0 and v0.19.0 vsock buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/09/11/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18960",
"datePublished": "2019-12-11T12:25:02",
"dateReserved": "2019-11-14T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}