Latest Security News about cve 2019 18960

AWS Firecracker through v0.19.0 has a Buffer Overflow vuln

Overview : A logical error in bounds checking performed on vsock virtio descriptors can be used by a malicious guest to read from and write to a segment of the host-side Firecracker process’ heap address space, directly after the end of a guest memory region. For reads, the accessible segment’s size is 64 KiB. For […]