0.21.1

CVSS 5.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

high complexity

amazon

NVD

Published: 2020-08-04

Updated: 2020-08-19

Summary

In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered.

Vulnerable Configurations

Part	Description	Count
Application	Amazon Amazon Firecracker 0.21.0 Amazon Firecracker 0.21.1 Amazon Firecracker 0.20.0	3

References

https://github.com/firecracker-microvm/firecracker/issues/2057
https://www.openwall.com/lists/oss-security/2020/08/13/1
http://www.openwall.com/lists/oss-security/2020/08/13/1