PT-2023-21163 · Envoy · Envoy
Cancecen +2
Published: 2023-04-04 · Updated: 2024-03-06 · CVE-2023-27488
CVSS v3.1: 5.4 Medium
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9.
Description: The issue concerns escalation of privileges when failure_mode_allow: true is configured for the ext_authz filter in Envoy, an open source edge and service proxy. When Envoy is configured to use the ext_authz, ext_proc, tap or ratelimit filters, or the gRPC access log service, and receives an HTTP header whose value is not valid UTF-8, it copies that value into a protobuf string field and sends an invalid protobuf message to the configured service. The receiving service typically fails to decode the message. For ext_authz with failure_mode_allow: true, that decode failure is treated as a failed check and the request is allowed through, so a client can bypass external authorization simply by adding a header containing non-UTF-8 bytes. For the other services the result is other unforeseen errors, such as requests that are never logged by the receiving service (a loss of visibility). In 1.26.0 and the fixed backport releases, Envoy by default sanitizes the values it sends in gRPC service calls to be valid UTF-8, replacing data that is not valid UTF-8 with a "!" character.
Recommendations: For versions prior to 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, update to version 1.26.0, 1.25.3, 1.24.4, 1.23.6, or 1.22.9 (or a later release of the same branch) to resolve the issue. As a temporary workaround, set failure_mode_allow: false for the ext_authz filter, so that a check the authorization service cannot decode results in a denied request rather than an allowed one. The sanitization of non-UTF-8 strings in gRPC service calls can be temporarily reverted by setting the runtime guard envoy.reloadable_features.service_sanitize_non_utf8_strings to false; note that this restores the vulnerable behaviour for any ext_authz filter still configured with failure_mode_allow: true.
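The following is an added model of the failure mode described above and of the two remediation options; it is illustrative code written for this page, not Envoy's own implementation or the authorization service's. It stands in for the gRPC hop between Envoy and an external authorization service: protobuf string fields must hold valid UTF-8, so a header with arbitrary bytes yields a message the receiving side cannot decode (modelled here as a decode exception). The sanitizer mirrors the fixed releases' default of replacing non-UTF-8 data with "!"; the exact granularity of that replacement (one "!" per undecodable byte sequence) is an assumption of this model, as are the stub service, its sample token and the version-check helper.

```python
"""Model of CVE-2023-27488: ext_authz fail-open on non-UTF-8 header values.

Illustrative code added for this page; not Envoy or any real authz service.
"""
import codecs

# Fixed releases named in the advisory: minor version -> first fixed patch level.
FIXED_PATCH = {22: 9, 23: 6, 24: 4, 25: 3, 26: 0}


def is_fixed_version(version: str) -> bool:
    """True if an Envoy 1.x version string is at or above the fixed release
    for its branch. Branches older than 1.22 never received the fix."""
    major, minor, patch = (int(p) for p in version.split(".")[:3])
    if major != 1:
        return major > 1
    if minor > 26:
        return True
    if minor not in FIXED_PATCH:
        return False
    return patch >= FIXED_PATCH[minor]


def _replace_with_bang(err: UnicodeDecodeError):
    # Error handler: emit "!" for the undecodable range and resume after it.
    return ("!", err.end)


codecs.register_error("envoy_bang", _replace_with_bang)


def sanitize_non_utf8(raw: bytes) -> str:
    """What the fixed releases do by default before filling a gRPC string
    field: invalid UTF-8 is replaced with "!" (assumed per-sequence here)."""
    return raw.decode("utf-8", errors="envoy_bang")


# Constructed sample credential accepted by the stub authorization service.
VALID_TOKEN = "Bearer s3cr3t"


def build_check_request_field(header_value: bytes, sanitize: bool) -> str:
    """Stands in for serialising the header into a protobuf string field and
    decoding it on the receiving side. Without sanitisation, non-UTF-8 bytes
    make that decode fail (UnicodeDecodeError is a ValueError)."""
    if sanitize:
        return sanitize_non_utf8(header_value)
    return header_value.decode("utf-8")


def authz_service(authorization: str) -> bool:
    """Stub external authorization service: allow only the known token."""
    return authorization == VALID_TOKEN


def ext_authz_filter(authorization: bytes, failure_mode_allow: bool,
                     sanitize: bool) -> str:
    """Return the filter's verdict, 'allow' or 'deny', for one request.

    failure_mode_allow=True is the vulnerable setting: when the check cannot
    complete (here, the service cannot decode the message) the request is
    let through. sanitize=True models the fixed releases' default."""
    try:
        field = build_check_request_field(authorization, sanitize)
        return "allow" if authz_service(field) else "deny"
    except ValueError:
        # The check itself failed; fail open or closed per configuration.
        return "allow" if failure_mode_allow else "deny"


if __name__ == "__main__":
    # Constructed attacker input: a non-UTF-8 byte in front of a bogus token.
    bad_header = b"\xffnot-a-token"
    for fma, san in [(True, False), (True, True), (False, False)]:
        verdict = ext_authz_filter(bad_header, fma, san)
        print(f"failure_mode_allow={fma} sanitize={san}: {verdict}")
    for v in ("1.25.2", "1.25.3", "1.26.0", "1.21.5"):
        print(v, "fixed" if is_fixed_version(v) else "affected")
```

Only the first combination (fail-open with no sanitisation) lets the bogus token through; either upgrading (sanitize) or switching failure_mode_allow to false closes the bypass. Note that sanitisation changes what the authorization service sees ("!" instead of the raw bytes), which is why the runtime guard exists, and that turning the guard off while keeping failure_mode_allow: true reopens the bypass.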

Weakness Enumeration

Related Identifiers

BIT-ENVOY-2023-27488
CVE-2023-27488
GHSA-9G5W-HQR3-W2PH

Affected Products

Envoy