CVE-2026-5747 - Out-of-bounds Write in Firecracker virtio-pci Transport
Bulletin ID: 2026-015-AWS
Scope: AWS
Content Type: Important
Publication Date: 04/7/2026 3:30 PM PST
Description:
Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services.
We identified CVE-2026-5747, an out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 that might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue configuration registers after device activation. Achieving code execution on the host requires additional preconditions, such as the use of a custom guest kernel or specific snapshot configurations.
No AWS service is affected.
Impacted versions: Firecracker >= 1.13.0 AND <= 1.14.3; Firecracker 1.15.0
Resolution:
This issue has been addressed in Firecracker versions 1.14.4 and 1.15.1. We recommend upgrading to the latest version and ensuring that any forked or derivative code is patched to incorporate the new fixes.
Workarounds:
The virtio PCI transport is opt-in via the --enable-pci command-line flag when starting Firecracker. The legacy MMIO transport is the default and is not affected by this issue. Users who have enabled PCI transport can revert to MMIO by removing the --enable-pci flag from their Firecracker invocation. Note that switching from PCI to MMIO transport may result in reduced I/O throughput and increased latency.
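To help operators apply the guidance above across a fleet, here is an added example (not part of the AWS bulletin and not Firecracker project code): a POSIX shell audit that classifies each running Firecracker process as affected (affected version with --enable-pci), mitigated-mmio (affected version without the flag, i.e. on the default MMIO transport) or fixed (version outside the listed range). It assumes the process is named firecracker, that the binary accepts --version and prints a vX.Y.Z token, and that /proc exposes each process's command line; the sample command lines in the comments are constructed.

```shell
#!/bin/sh
# Added example, not from the bulletin or the Firecracker project.
# Affected range per the bulletin: 1.13.0 <= v <= 1.14.3, or v == 1.15.0.
# Fixed: 1.14.4 and 1.15.1 (and later).

# Convert "v1.14.3" or "1.14.3" into an integer that sorts like the version
# (assumes each component is below 1000).
vernum() {
    v=${1#v}
    oldifs=$IFS; IFS=.; set -- $v; IFS=$oldifs
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${3:-0} ))
}

# Return 0 if the version is in the bulletin's impacted range.
is_affected_version() {
    n=$(vernum "$1")
    if [ "$n" -ge "$(vernum 1.13.0)" ] && [ "$n" -le "$(vernum 1.14.3)" ]; then
        return 0
    fi
    [ "$n" -eq "$(vernum 1.15.0)" ]
}

# Return 0 if a space-separated command line contains the exact --enable-pci token
# (so that e.g. a hypothetical --enable-pcix would not match).
uses_pci_transport() {
    case " $1 " in
        *" --enable-pci "*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print one of: affected, mitigated-mmio, fixed.
classify() {
    if ! is_affected_version "$1"; then
        echo fixed
        return 0
    fi
    if uses_pci_transport "$2"; then
        echo affected
    else
        echo mitigated-mmio
    fi
}

# Walk /proc, find firecracker processes and report their status.
# Assumption: `firecracker --version` prints a token such as v1.14.3.
audit_host() {
    for d in /proc/[0-9]*; do
        cmd=$(tr '\0' ' ' < "$d/cmdline" 2>/dev/null) || continue
        case "$cmd" in
            firecracker\ *|*/firecracker\ *) ;;
            *) continue ;;
        esac
        exe=${cmd%% *}
        ver=$("$exe" --version 2>/dev/null | grep -o 'v[0-9][0-9.]*' | head -n 1)
        if [ -z "$ver" ]; then
            status=unknown-version
        else
            status=$(classify "$ver" "$cmd")
        fi
        printf 'pid=%s exe=%s version=%s status=%s\n' \
            "${d#/proc/}" "$exe" "${ver:-unknown}" "$status"
    done
}

# Constructed sample command lines, exercised when the script is run directly:
#   classify v1.14.3 'firecracker --api-sock /tmp/fc.sock --enable-pci '  -> affected
#   classify 1.14.3  'firecracker --api-sock /tmp/fc.sock '               -> mitigated-mmio
#   classify 1.15.1  'firecracker --enable-pci '                          -> fixed
if [ "${AUDIT_RUN:-0}" = 1 ]; then
    audit_host
fi
```

Run it as root with AUDIT_RUN=1 on each host; any line with status=affected is a process to restart without --enable-pci or, preferably, to move to a fixed release.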
References:
CVE-2026-5747
GHSA-776c-mpj7-jm3r
Acknowledgement:
We thank Anthropic for reporting this concern to the AWS Vulnerability Disclosure Program.
Please email aws-security@amazon.com with any security questions or concerns.