This vulnerability involves an out-of-bounds write in the virtio PCI transport of Firecracker, which could be triggered by a local guest user with root privileges. The flaw allows modification of virtio queue configuration registers after device activation, potentially leading to a crash of the Firecracker VMM process or arbitrary code execution on the host. Exploitation to achieve code execution requires additional preconditions, including a custom guest kernel or specific snapshot configurations. The issue affects Firecracker versions 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64. AWS has released Firecracker versions 1.14.4 and 1.15.1 and later containing fixes for this vulnerability. Firecracker is a cloud-hosted service, and AWS manages patching for the cloud environment.

A local guest user with root privileges inside a Firecracker microVM could exploit this vulnerability to crash the Firecracker VMM process, causing denial of service. Under specific conditions, such as using a custom guest kernel or particular snapshot configurations, the attacker might execute arbitrary code on the host system, potentially compromising the host environment. The CVSS score of 7.5 reflects high impact on confidentiality, integrity, and availability. No known active exploits have been reported.

AWS has released patched Firecracker versions 1.14.4 and 1.15.1 and later that address this vulnerability. Users running affected versions should upgrade to these or later versions to remediate the issue. Since Firecracker is a cloud service, AWS manages remediation for the hosted environments; customers should verify their environments are updated accordingly. Refer to the official AWS security bulletin at https://aws.amazon.com/security/security-bulletins/2026-015-aws/ for detailed guidance and confirmation of patch status.