GitHub_MCVELIST:CVE-2024-30255CVE-2024-30255 HTTP/2: CPU exhaustion due to CONTINUATION frame flood
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.5%
Envoy is a cloud-native, open source edge and service proxy. The HTTP/2 protocol stack in Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoy’s HTTP/2 codec allows the client to send an unlimited number of CONTINUATION frames even after exceeding Envoy’s header map limits. This allows an attacker to send a sequence of CONTINUATION frames without the END_HEADERS bit set causing CPU utilization, consuming approximately 1 core per 300Mbit/s of traffic and culminating in denial of service through CPU exhaustion. Users should upgrade to version 1.29.3, 1.28.2, 1.27.4, or 1.26.8 to mitigate the effects of the CONTINUATION flood. As a workaround, disable HTTP/2 protocol for downstream connections.
CNA Affected
[
{
"vendor": "envoyproxy",
"product": "envoy",
"versions": [
{
"version": ">= 1.29.0, < 1.29.3",
"status": "affected"
},
{
"version": ">= 1.28.0, < 1.28.2",
"status": "affected"
},
{
"version": ">= 1.27.0, < 1.27.4",
"status": "affected"
},
{
"version": "< 1.26.8",
"status": "affected"
}
]
}
]Related
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.5%