PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-5747 Amazon CVE debrief

An out-of-bounds write vulnerability in the virtio PCI transport of Amazon Firecracker allows a local guest user with root privileges to crash the VMM process or potentially execute arbitrary code on the host. The flaw exists in Firecracker versions 1.13.0 through 1.14.3 and version 1.15.0 on both x86_64 and aarch64 architectures. The vulnerability is triggered by modification of virtio queue configuration registers after device activation. Host code execution requires additional preconditions, such as use of a custom guest kernel or specific snapshot configurations. The issue was published on April 8, 2026, and the NVD record was last modified on June 1, 2026. Amazon has released patched versions 1.14.4 and 1.15.1 to address this vulnerability.

Vendor: Amazon
Product: Firecracker
CVSS: HIGH 8.7
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-04-08
Original CVE updated: 2026-06-01
Advisory published: 2026-04-08
Advisory updated: 2026-06-01

Who should care

Organizations running Amazon Firecracker microVMs, particularly multi-tenant environments where guest isolation is critical. Cloud service providers and infrastructure operators using Firecracker versions 1.13.0–1.14.3 or 1.15.0 should prioritize patching to maintain VMM boundary integrity.

Technical summary

The vulnerability resides in the virtio PCI transport implementation within Amazon Firecracker. A local guest user with root privileges can modify virtio queue configuration registers after device activation, causing an out-of-bounds write. This can result in denial of service via VMM process crash or, under specific preconditions including custom guest kernels or particular snapshot configurations, arbitrary code execution on the host. The attack surface is constrained by the requirement for local privileged access and additional preconditions for full host compromise.

Defensive priority

HIGH

Recommended defensive actions

  • Upgrade Firecracker to version 1.14.4 or 1.15.1 or later to remediate the out-of-bounds write vulnerability in the virtio PCI transport.
  • Restrict deployment of Firecracker to trusted guest kernels and avoid custom kernel configurations that may facilitate exploitation of this vulnerability.
  • Review snapshot configurations for preconditions that could enable host code execution and apply hardened configurations where possible.
  • Monitor for anomalous virtio queue configuration register modifications after device activation as potential indicators of exploitation attempts.
  • Validate guest kernel integrity and prevent unauthorized modifications to guest environments that could be leveraged to exploit this vulnerability.
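The first action above is an upgrade, so the practical check is a fleet-wide version audit against the affected ranges this debrief lists (1.13.0 through 1.14.3, and 1.15.0) and the patched releases it names (1.14.4 and 1.15.1). The script below is an added example written for this debrief, not Amazon's or the Firecracker project's own tooling. It assumes that `firecracker --version` prints a line containing a `vX.Y.Z` string (an assumption about output shape, not verified against any release); the hostnames and versions in `SAMPLE_INVENTORY` are constructed, and the choice to steer 1.13.x builds to 1.14.4 is mine rather than the advisory's.

```python
"""Assess whether Firecracker builds fall in the CVE-2026-5747 affected set.

Added example for this debrief; not Amazon/Firecracker tooling.
"""
import re
import shutil
import subprocess
from typing import Dict, Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges as stated in the advisory: 1.13.0 through 1.14.3, and 1.15.0.
AFFECTED_RANGES = [((1, 13, 0), (1, 14, 3)), ((1, 15, 0), (1, 15, 0))]

# Patched releases named in the advisory.
FIX_1_14_LINE: Version = (1, 14, 4)
FIX_1_15_LINE: Version = (1, 15, 1)


def parse_version(text: str) -> Optional[Version]:
    """Pull the first X.Y.Z triple out of a version string.

    Assumes output shaped like 'Firecracker v1.14.2' (an assumption of this
    example, not verified against any release); the leading 'v' is optional.
    """
    m = re.search(r"v?(\d+)\.(\d+)\.(\d+)\b", text)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def is_affected(version: Version) -> bool:
    """True if the version lies inside any advisory-listed affected range."""
    return any(lo <= version <= hi for lo, hi in AFFECTED_RANGES)


def recommended_fix(version: Version) -> Version:
    """Nearest patched release for an affected build.

    1.15.0 moves to 1.15.1; 1.13.x and 1.14.x builds move to 1.14.4 (mapping
    chosen for this example; the advisory only names the two fixed versions).
    """
    return FIX_1_15_LINE if version[:2] == (1, 15) else FIX_1_14_LINE


def assess(version_text: str) -> Tuple[str, Optional[Version]]:
    """Return ('affected', fix), ('not_affected', None) or ('unknown', None)."""
    v = parse_version(version_text)
    if v is None:
        return ("unknown", None)
    if is_affected(v):
        return ("affected", recommended_fix(v))
    return ("not_affected", None)


def assess_fleet(inventory: Dict[str, str]) -> Dict[str, Tuple[str, Optional[Version]]]:
    """Assess a host -> version-string mapping, e.g. gathered by fleet tooling."""
    return {host: assess(text) for host, text in inventory.items()}


def local_version_text() -> Optional[str]:
    """Run `firecracker --version` on this host if the binary is on PATH."""
    binary = shutil.which("firecracker")
    if binary is None:
        return None
    try:
        out = subprocess.run([binary, "--version"], capture_output=True,
                             text=True, timeout=5)
    except (OSError, subprocess.SubprocessError):
        return None
    return out.stdout or out.stderr


# Constructed sample inventory: hostnames and versions are made up for illustration.
SAMPLE_INVENTORY = {
    "mvm-host-01": "Firecracker v1.14.2",
    "mvm-host-02": "Firecracker v1.15.0",
    "mvm-host-03": "Firecracker v1.15.1",
    "mvm-host-04": "Firecracker v1.12.1",
}

if __name__ == "__main__":
    inventory = dict(SAMPLE_INVENTORY)
    local = local_version_text()
    if local:
        inventory["localhost"] = local
    for host, (status, fix) in sorted(assess_fleet(inventory).items()):
        fix_str = ".".join(map(str, fix)) if fix else "-"
        print(f"{host:<14} {status:<13} recommended: {fix_str}")
```

Versions below 1.13.0 are reported as not affected because the advisory does not list them; a build whose version string cannot be parsed is reported as unknown rather than silently passed, so it still surfaces in the audit.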

Evidence notes

The vulnerability affects Firecracker 1.13.0–1.14.3 and 1.15.0 on x86_64 and aarch64. The CVSS 4.0 vector indicates a local attack vector with high attack complexity, requiring privileged access and specific preconditions. CWE-369 (Divide By Zero) and CWE-787 (Out-of-bounds Write) are the identified weakness types. Vendor advisories and release notes confirm fix versions 1.14.4 and 1.15.1.

Official resources

2026-04-08