Lucene search

GoogleOSV:BIT-ENVOY-2023-35942

HistoryMar 06, 2024 - 10:53 a.m.

BIT-envoy-2023-35942

2024-03-0610:53:10

Google

osv.dev

envoy

open source

edge

service proxy

cloud-native applications

grpc access loggers

listener's global scope

use-after-free crash

workaround

security advisory

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.3%

JSON

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener’s global scope can cause a use-after-free crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.

CPENameOperatorVersion
envoylt1.24.10
envoyge1.24.0
envoyge1.23.0
envoyge1.26.0
envoyge1.25.0
envoylt1.26.4
envoylt1.25.9
envoylt1.23.12

Name	Operator	Version
envoy	lt	1.24.10
envoy	ge	1.24.0
envoy	ge	1.23.0
envoy	ge	1.26.0
envoy	ge	1.25.0
envoy	lt	1.26.4
envoy	lt	1.25.9
envoy	lt	1.23.12

References

github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.3%

JSON

Related for OSV:BIT-ENVOY-2023-35942