Amazon · Amazon Aws Firecracker · CVE-2020-27174
**Name of the Vulnerable Software and Affected Versions**
Amazon AWS Firecracker versions 0.21.3 and earlier, 0.22.x before 0.22.1
**Description**
The issue is related to the serial console buffer, which can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host.
**Recommendations**
For Amazon AWS Firecracker versions 0.21.3 and earlier, update to version 0.21.3 or later.
For Amazon AWS Firecracker versions 0.22.x before 0.22.1, update to version 0.22.1 or later.