PT-2021-19927 · Envoy · Envoy
Raul Gutierrez Segales · Published 2021-08-24 · Updated 2024-03-06 · CVE-2021-32781
CVSS v3.1: 8.6 (High)
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Envoy versions prior to 1.19.1
Envoy versions prior to 1.18.4
Envoy versions prior to 1.17.4
Envoy versions prior to 1.16.5
Description
Envoy is an open source L7 proxy and communication bus designed for large modern service-oriented architectures. In affected versions, after Envoy sends a locally generated response, it must stop further processing of request or response data. However, when a local response is generated due to an internal buffer overflow while a request or response is processed by the filter chain, the operation may not be stopped completely, resulting in access to a freed memory block. A specifically constructed request delivered by an untrusted downstream or upstream peer can result in a Denial of Service when Envoy is configured with extensions that modify and increase the size of request or response bodies, such as the decompressor filter.
Recommendations
For versions prior to 1.19.1, update to version 1.19.1 or later.
For versions prior to 1.18.4, update to version 1.18.4 or later.
For versions prior to 1.17.4, update to version 1.17.4 or later.
For versions prior to 1.16.5, update to version 1.16.5 or later.
As a temporary workaround, consider disabling Envoy's decompressor, json-transcoder, or grpc-web extensions, or proprietary extensions that modify and increase the size of request or response bodies, if feasible.
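A fleet-wide check for the affected ranges above, written as an added example for this advisory (it is not part of the advisory or of the Envoy project): it extracts the release number from `envoy --version` output and compares it against the fixed version of the matching release branch. The sample version line and its git hash are constructed.

```python
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Fixed versions per release branch, as listed in this advisory (CVE-2021-32781).
FIXED_BY_BRANCH = {
    (1, 19): (1, 19, 1),
    (1, 18): (1, 18, 4),
    (1, 17): (1, 17, 4),
    (1, 16): (1, 16, 5),
}
# Branches older than 1.16 fall under "prior to 1.16.5" and never received a fix.
OLDEST_FIXED: Version = (1, 16, 5)

# A release number is the only dotted X.Y.Z token in the version line; the git
# hash that precedes it contains no dots, so it cannot be matched by mistake.
_RELEASE_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_envoy_version(text: str) -> Optional[Version]:
    """Extract X.Y.Z from `envoy --version` output (or from a bare version string)."""
    match = _RELEASE_RE.search(text)
    if match is None:
        return None
    major, minor, patch = (int(group) for group in match.groups())
    return (major, minor, patch)


def fixed_version_for(version: Version) -> Optional[Version]:
    """Return the first fixed release on the same branch, or None if not affected."""
    branch = version[:2]
    if branch in FIXED_BY_BRANCH:
        fixed = FIXED_BY_BRANCH[branch]
        return fixed if version < fixed else None
    if version < OLDEST_FIXED:
        # No patched release exists on this old branch; the oldest fixed release is 1.16.5.
        return OLDEST_FIXED
    return None  # 1.20 and later were released with the fix included


def is_affected(version: Version) -> bool:
    return fixed_version_for(version) is not None


if __name__ == "__main__":
    # Constructed sample of an `envoy --version` line; the hash is a placeholder.
    sample = ("envoy  version: 0123456789abcdef0123456789abcdef01234567/1.18.3/"
              "clean-getenvoy-placeholder/RELEASE/BoringSSL")
    parsed = parse_envoy_version(sample)
    print(parsed, "affected:", is_affected(parsed), "upgrade to:", fixed_version_for(parsed))
```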
Fix
DoS
Buffer Overflow
Use After Free
Related Identifiers
Affected Products
Envoy