Fedora 39 : firecracker / rust-aes-gcm (2023-17bdd59177)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-17bdd59177 advisory. - Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages firecracker for aes-gcm v0.10.3...

Fedora: Security Advisory for firecracker (FEDORA-2023-98f44d1c4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: firecracker-1.4.1-3.fc38

Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models. Firecracker runs workloads in lightweight virtual machines, called microVMs, which combine...

[SECURITY] Fedora 37 Update: firecracker-1.4.1-3.fc37

Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models. Firecracker runs workloads in lightweight virtual machines, called microVMs, which combine...

[SECURITY] Fedora 39 Update: firecracker-1.4.1-3.fc39

Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models. Firecracker runs workloads in lightweight virtual machines, called microVMs, which combine...

Fedora 37 : firecracker / rust-aes-gcm (2023-bc40c7995e)

The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-bc40c7995e advisory. - Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages firecracker for aes-gcm v0.10.3...

Fedora: Security Advisory for firecracker (FEDORA-2023-c19aaa2283)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: firecracker-1.4.1-2.fc38

Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models. Firecracker runs workloads in lightweight virtual machines, called microVMs, which combine...

[SECURITY] Fedora 37 Update: firecracker-1.4.1-2.fc37

Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models. Firecracker runs workloads in lightweight virtual machines, called microVMs, which combine...

Fedora: Security Advisory for firecracker (FEDORA-2023-1db67725f2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: firecracker-1.4.1-2.fc39

Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models. Firecracker runs workloads in lightweight virtual machines, called microVMs, which combine...

Fedora: Security Advisory (FEDORA-2023-8e6ae98f81)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne (ELSA-2020-5765)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5765 advisory. - x86/speculation: Add SRBDS vulnerability and mitigation documentation Mark Gross Orabug: 31446720 CVE-2020-0543 - x86/speculation: Add Special Regist...

MAL-2022-274 Malicious code in @firecracker-microvm/fetlife-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f8236413fb62d06e91b2b92e2f28c0616770da58942a69c29277bd2d2fb8d81f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @firecracker-microvm/fetlife-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f8236413fb62d06e91b2b92e2f28c0616770da58942a69c29277bd2d2fb8d81f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2020-27174

In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host...

CVE-2020-27174

In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host...

CVE-2020-27174

In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host...

Design/Logic Flaw

In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host...

CVE-2020-27174

CVE-2020-27174 affects Amazon Firecracker runtimes: before 0.21.3 and before 0.22.1 (0.22.x) the serial console buffer can grow without limit when data is sent to standard input, causing a memory leak in the microVM emulation thread that may consume host memory. Impact is memory growth (not a cor...