
Agrawroh

#35881 of 53,624
7.5 Total CVSS
Vulnerabilities · 1
PT-2025-35643
7.5
2025-09-02
Envoy · Envoy · CVE-2025-54588
**Name of the Vulnerable Software and Affected Versions**
Envoy versions 1.34.0 through 1.34.4
Envoy version 1.35.0

**Description**
Envoy is an open-source L7 proxy and communication bus designed for large modern service-oriented architectures. Affected versions contain a use-after-free (UAF) vulnerability in the DNS cache, leading to abnormal process termination. The issue occurs in Envoy's Dynamic Forward Proxy implementation when a completion callback for a DNS resolution triggers new DNS resolutions or removes existing pending resolutions. This condition may occur when the Dynamic Forwarding Filter is enabled, the `envoy.reloadable_features.dfp_cluster_resolves_hosts` runtime flag is enabled, and the Host header is modified between the Dynamic Forwarding Filter and Router filters.

**Recommendations**
Envoy versions 1.34.0 through 1.34.4: Upgrade to version 1.34.5 or later.
Envoy version 1.35.0: Upgrade to version 1.35.1 or later.
As a workaround for all affected versions, set the `envoy.reloadable_features.dfp_cluster_resolves_hosts` runtime flag to false.
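The workaround from the recommendations, written out as the bootstrap fragment an operator would actually deploy. This is an added example and is not part of the dbugs record or of the Envoy project's own advisory; it assumes the runtime flag is spelled `envoy.reloadable_features.dfp_cluster_resolves_hosts` (the page's rendering drops the underscores) and that runtime values are supplied through a static `layered_runtime` layer in the Envoy bootstrap.

```yaml
# Added example (not from the advisory): pin the DFP runtime flag to false
# in a static runtime layer of the Envoy bootstrap. Flag name assumed from
# the advisory text with underscores restored. Only the runtime section is
# shown; listeners, clusters and admin config are unchanged.
layered_runtime:
  layers:
    - name: static_layer_0
      static_layer:
        envoy.reloadable_features.dfp_cluster_resolves_hosts: false
```

Layers later in the `layers` list take precedence over earlier ones, so if the deployment also loads runtime from disk or from an RTDS server, the override must not be reverted there; after the proxy is restarted, confirm the effective value through the admin interface (`GET /runtime` on the admin port lists every runtime key with its active value) rather than trusting the bootstrap file alone. The flag is a stopgap; the fix remains the upgrade to 1.34.5 or 1.35.1.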