3 matches found
Oracle Linux 7 : olcne (ELSA-2022-9587)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9587 advisory. - Adress Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227 - Address qemu CVE-2022-26353, CVE-2021-3748...
CVE-2022-29224
A flaw was found in Envoy. This flaw allows an attacker who controls an upstream host and also controls service discovery of that host via DNS, the EDS API, etc. to crash Envoy by forcing the removal of the host from service discovery and then failing the gRPC health check request. This issue...
CVE-2022-29224 Segmentation fault leading to crash in Envoy
Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a feature which can “hold” prevent removal upstrea...