CVE-2020-27174

CVE-2020-27174 affects Amazon Firecracker runtimes: before 0.21.3 and before 0.22.1 (0.22.x) the serial console buffer can grow without limit when data is sent to standard input, causing a memory leak in the microVM emulation thread that may consume host memory. Impact is memory growth (not a cor...

CVE-2020-16843

CVE-2020-16843 affects Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2. The issue is in the network stack, which can freeze under heavy ingress traffic, leading to a denial of service on a microVM configured with a single network interface and an availability problem for that interface....

CVE-2019-18960

CVE-2019-18960 affects Firecracker’s vsock implementation, with a buffer overflow in versions 0.18.0 and 0.19.0. The root cause is a vulnerability in the vsock code path that can lead to potentially exploitable crashes. Public sources (NVD/NVD-derived entries and vendor advisories) assign a high ...

CVE-2026-5747

Summary: CVE-2026-5747 is a local, hypothetical out-of-bounds write in the virtio-pci transport of Firecracker. Affects Firecracker versions 1.13.0–1.14.3 and 1.15.0 on x86_64 and aarch64. The issue could allow a local guest user with root privileges to crash the Firecracker VMM process or potent...

CVE-2026-1386

The CVE-2026-1386 issue affects Firecracker’s jailer component. A local user who has write access to pre-created jailer directories could abuse a UNIX symlink vulnerability during jailer startup to overwrite arbitrary host files when the jailer runs with root privileges. Affected versions include...