[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount
From: "Iordache, Alexandra" <aghecen () amazon ! com>
Date: 2020-10-23 10:42:14
Message-ID: 1603449734487.64669 () amazon ! com
[Download RAW message or body]
We have identified an issue in the Firecracker serial console emulation of =
all Firecracker versions up to v0.21.2 and Firecracker v0.22.0
# Issue Description
The Firecracker implementation of the serial console emulation allows buffe=
ring of an unlimited number of bytes when data is written to the Firecracke=
r process standard input at a high rate.
# Impact
Firecracker customers that forward the standard input of the Firecracker pr=
ocess to untrusted users can become subject to DoS attacks. If memory limit=
s are not imposed on the Firecracker process, this might impair other micro=
VMs on the same host from allocating memory, potentially becoming an availa=
bility issue.
Serial output generated by the guest can't trigger the issue.
# Affected Systems
Firecracker versions v0.22.0 and v0.21.2, while all older releases might be=
impacted.
# Mitigation
Impact can be mitigated by applying memory limits to the Firecracker proces=
s or by applying a rate limit when writing to the Firecracker process stand=
ard input.
Customers may apply:
Patched binaries mitigating this issue have been released as Firecracker v0=
.21.3[1] and Firecracker v0.22.1[2].
If you are using Firecracker versions up to v0.21.2 or Firecracker v0.22.0,=
we recommend you apply the provided fix.
[1] https://github.com/firecracker-microvm/firecracker/releases/tag/v0.21.3
[2] https://github.com/firecracker-microvm/firecracker/releases/tag/v0.22.1?
Best regards,
Alexandra on behalf of the Firecracker maintainers team?
Amazon Development Center (Romania) S.R.L. registered office: 27A Sf. Lazar=
Street, UBC5, floor 2, Iasi, Iasi County, 700045, Romania. Registered in R=
omania. Registration number J22/2621/2005.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic