PT-2019-15692 · Envoy · Envoy

Oleg Guba

Published

2019-12-13

Updated

2019-12-18

CVE-2019-18838

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Envoy version 1.12.0

Description An issue was discovered where upon receipt of a malformed HTTP request without a Host header, Envoy sends an internally generated "Invalid request" response. This response is dispatched through the configured encoder filter chain before being sent to the client. If an encoder filter invokes route manager APIs that access a request's Host header, it causes a NULL pointer dereference, resulting in abnormal termination of the Envoy process.

Recommendations For Envoy version 1.12.0, consider disabling the encoder filter that invokes route manager APIs until a patch is available to prevent abnormal termination of the Envoy process.

Exploit

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

CVE-2019-18838

GHSA-F2RV-4W6X-RWHC

RHSA-2019:4222

Affected Products

Envoy

PT-2019-15692 · Envoy · Envoy

CVE-2019-18838

Weakness Enumeration

Related Identifiers

Affected Products

References · 6