CVE-2026-5747
7.5 HIGHAn out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allo...
Published: 2026-04-08 · Last updated: 2026-06-01
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
- CWE
- CWE-369, CWE-787
Affected products
| Vendor | Product |
|---|---|
| amazon | firecracker |
Description
An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue configuration registers after device activation. Achieving code execution on the host requires additional preconditions, such as the use of a custom guest kernel or specific snapshot configurations. To remediate this, users should upgrade to Firecracker 1.14.4 or 1.15.1 and later.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-5747
- [Vendor advisory]https://aws.amazon.com/security/security-bulletins/2026-015-aws/
- [Other]https://github.com/firecracker-microvm/firecracker/releases/tag/v1.14.4
- [Other]https://github.com/firecracker-microvm/firecracker/releases/tag/v1.15.1
- [Vendor advisory]https://github.com/firecracker-microvm/firecracker/security/advisories/GHSA-776c-mpj7-jm3r
Related CVEs
Same vendor
- CVE-2026-10591 — Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated... (8.8 HIGH)
- CVE-2026-9255 — Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary t... (7.8 HIGH)
- CVE-2026-31431 — In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly r... (7.8 HIGH)
- CVE-2026-6437 — Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver (aws-efs-csi-driver) before v3.0.1 ... (6.5 MEDIUM)
- CVE-2026-4270 — Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.... (5.5 MEDIUM)
Same CWE
- CVE-2026-53465 — ImageMagick is free and open-source software used for editing and manipulating digital images (6.2 MEDIUM)
- CVE-2026-53461 — ImageMagick is free and open-source software used for editing and manipulating digital images (7.5 HIGH)
- CVE-2026-48724 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)
- CVE-2026-46559 — ImageMagick is free and open-source software used for editing and manipulating digital images (4.0 MEDIUM)
- CVE-2026-46521 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)