Описание
In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host.
Ссылки
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.21.3 (исключая)Версия от 0.22.0 (включая) до 0.22.1 (исключая)
Одно из
cpe:2.3:a:amazon:firecracker:*:*:*:*:*:*:*:*
cpe:2.3:a:amazon:firecracker:*:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00563
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-401
Связанные уязвимости
github
больше 3 лет назад
In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host.
EPSS
Процентиль: 68%
0.00563
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-401