Lucene search
PRIOn knowledge basePRION:CVE-2024-23327HistoryFeb 09, 2024 - 11:15 p.m.
Design/Logic Flaw
2024-02-0923:15:00
PRIOn knowledge base
www.prio-n.com
72
envoy
ppv2
segfault
vulnerability
upgrade
Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the protocol block. This issue has been addressed in releases 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Related
nvd
nvd
CVE-2024-23327
2024-02-09 23:15:09
cvelist
cvelist
CVE-2024-23327 Crash in proxy protocol when command type of LOCAL in Envoy
2024-02-09 22:41:54
veracode
veracode
Denial Of Service (DoS)
2024-02-13 15:57:59
redhatcve
redhatcve
CVE-2024-23327
2024-02-14 21:34:15
osv
osv
CVE-2024-23327
2024-02-09 23:15:09
BIT-envoy-2024-23327
2024-03-06 10:51:34
cve
cve
CVE-2024-23327
2024-02-09 23:15:09
oraclelinux
oraclelinux
cri-o security update
2024-04-26 00:00:00
cri-o security update
2024-04-26 00:00:00
cri-o security update
2024-04-16 00:00:00
nessus
nessus
Oracle Linux 8 : cri-o (ELSA-2024-12348)
2024-04-29 00:00:00
Oracle Linux 7 : cri-o (ELSA-2024-12329)
2024-04-17 00:00:00
Oracle Linux 8 : cri-o (ELSA-2024-12328)
2024-04-17 00:00:00
redos
redos
ROS-20240423-06
2024-04-23 00:00:00