CVE-2020-27174 - Vulnerability Details - OpenCVE

In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Amazon	Firecracker

Configuration 1 [-]

OR	cpe:2.3:a:amazon:firecracker::::::::
	cpe:2.3:a:amazon:firecracker::::::::

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2020/10/23/1
https://github.com/firecracker-microvm/firecracker/issues/2177
https://github.com/firecracker-microvm/firecracker/pull/2178
https://github.com/firecracker-microvm/firecracker/pull/2179

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-10-16T04:06:54

Updated: 2024-08-04T16:11:35.839Z

Reserved: 2020-10-16T00:00:00

Link: CVE-2020-27174

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-10-16T05:15:11.830

Modified: 2024-11-21T05:20:49.117

Link: CVE-2020-27174

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-10-23T14:06:09", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/firecracker-microvm/firecracker/issues/2177"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/firecracker-microvm/firecracker/pull/2178"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/firecracker-microvm/firecracker/pull/2179"}, {"name": "[oss-security] 20201023 CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount of memory", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"}], "source": {"discovery": "INTERNAL"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-27174", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/firecracker-microvm/firecracker/issues/2177", "refsource": "MISC", "url": "https://github.com/firecracker-microvm/firecracker/issues/2177"}, {"name": "https://github.com/firecracker-microvm/firecracker/pull/2178", "refsource": "MISC", "url": "https://github.com/firecracker-microvm/firecracker/pull/2178"}, {"name": "https://github.com/firecracker-microvm/firecracker/pull/2179", "refsource": "MISC", "url": "https://github.com/firecracker-microvm/firecracker/pull/2179"}, {"name": "[oss-security] 20201023 CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount of memory", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"}]}, "source": {"discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T16:11:35.839Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/firecracker-microvm/firecracker/issues/2177"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/firecracker-microvm/firecracker/pull/2178"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/firecracker-microvm/firecracker/pull/2179"}, {"name": "[oss-security] 20201023 CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount of memory", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-27174", "datePublished": "2020-10-16T04:06:54", "dateReserved": "2020-10-16T00:00:00", "dateUpdated": "2024-08-04T16:11:35.839Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:amazon:firecracker:*:*:*:*:*:*:*:*", "matchCriteriaId": "2097E568-0639-495D-A157-BE1E429CF09C", "versionEndExcluding": "0.21.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:amazon:firecracker:*:*:*:*:*:*:*:*", "matchCriteriaId": "8839BF50-88C4-4FD3-95D7-B5B74C5104DA", "versionEndExcluding": "0.22.1", "versionStartIncluding": "0.22.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host."}, {"lang": "es", "value": "En Amazon AWS Firecracker versiones anteriores a 0.21.3 y versiones 0.22.x anteriores a 0.22.1, el b\u00fafer de la consola serial puede aumentar su uso de memoria sin l\u00edmite cuando los datos son enviados a la entrada est\u00e1ndar. Esto puede resultar en una p\u00e9rdida de memoria en el subproceso (hilo) de emulaci\u00f3n microVM, posiblemente ocupando m\u00e1s memoria de la prevista en el host"}], "id": "CVE-2020-27174", "lastModified": "2024-11-21T05:20:49.117", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-10-16T05:15:11.830", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/firecracker-microvm/firecracker/issues/2177"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/firecracker-microvm/firecracker/pull/2178"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/firecracker-microvm/firecracker/pull/2179"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/10/23/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/firecracker-microvm/firecracker/issues/2177"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/firecracker-microvm/firecracker/pull/2178"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/firecracker-microvm/firecracker/pull/2179"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}