CVE-2019-15226: Uncontrolled Resource Consumption in Envoy

Severity
7.5 HIGH (NVD)
EPSS
17.0% (top 5.01%)
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published Oct 9
Latest update May 24

Description

Upon receiving each incoming request header data, Envoy will iterate over existing request headers to verify that the total size of the headers stays below a maximum limit. The implementation in versions 1.10.0 through 1.11.1 for HTTP/1.x traffic and all versions of Envoy for HTTP/2 traffic had O(n^2) performance characteristics. A remote attacker may craft a request that stays below the maximum request header size but consists of many thousands of small headers to consume CPU and result in a de
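To make the performance defect concrete, the following added example (not Envoy's source; a simplified, hypothetical header map written for this page) places the vulnerable pattern beside the hardened one. The quadratic variant re-walks every header already present each time a new one arrives, so a request made of many two-byte headers that stays well under a 60 KiB limit (Envoy's default `max_request_headers_kb`) still costs on the order of n^2/2 header visits; the linear variant keeps a running byte count and charges O(1) per header. The `work` counter is instrumentation added here so the cost difference can be measured, and the "x: y" header stream is constructed input.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>
#include <utility>
#include <vector>

// Hypothetical, simplified header map (not Envoy's HeaderMap).
struct Header {
  std::string key;
  std::string value;
};

struct HeaderMap {
  std::vector<Header> headers;
  size_t byte_size = 0;  // running byte total, used only by the linear check
  uint64_t work = 0;     // instrumentation: headers visited by size checks
};

// Byte size charged for one header (assumption: key + value, no separators).
static size_t headerBytes(const Header& h) { return h.key.size() + h.value.size(); }

// Vulnerable pattern: after every new header, re-walk all headers already
// present to recompute the total. One insert costs O(n); n inserts cost O(n^2).
// Returns false (and drops the header) when the limit would be exceeded.
bool addHeaderQuadratic(HeaderMap& map, const std::string& key,
                        const std::string& value, size_t limit) {
  map.headers.push_back({key, value});
  size_t total = 0;
  for (const Header& h : map.headers) {
    total += headerBytes(h);
    ++map.work;
  }
  if (total > limit) {
    map.headers.pop_back();
    return false;
  }
  return true;
}

// Hardened pattern: keep a running byte count, so each insert is O(1) and
// the whole request is O(n) regardless of how many tiny headers it carries.
bool addHeaderLinear(HeaderMap& map, const std::string& key,
                     const std::string& value, size_t limit) {
  Header h{key, value};
  ++map.work;
  size_t candidate = map.byte_size + headerBytes(h);
  if (candidate > limit) return false;
  map.byte_size = candidate;
  map.headers.push_back(std::move(h));
  return true;
}

struct RunResult {
  uint64_t work;      // total headers visited by the size checks
  bool accepted_all;  // true if every header stayed under the limit
};

// Constructed input: `count` two-byte headers ("x: y") pushed through one check.
template <typename AddFn>
RunResult feedTinyHeaders(AddFn add, size_t count, size_t limit) {
  HeaderMap map;
  bool ok = true;
  for (size_t i = 0; i < count && ok; ++i) ok = add(map, "x", "y", limit);
  return {map.work, ok};
}

RunResult quadraticRun(size_t count, size_t limit) {
  return feedTinyHeaders(addHeaderQuadratic, count, limit);
}
RunResult linearRun(size_t count, size_t limit) {
  return feedTinyHeaders(addHeaderLinear, count, limit);
}

int main() {
  // 60 KiB is Envoy's default max_request_headers_kb; 10,000 two-byte headers
  // total 20,000 bytes, so the request is accepted by both checks.
  const size_t kLimit = 60 * 1024;
  RunResult q = quadraticRun(10000, kLimit);
  RunResult l = linearRun(10000, kLimit);
  std::printf("quadratic: work=%llu accepted=%d\n",
              (unsigned long long)q.work, q.accepted_all);
  std::printf("linear:    work=%llu accepted=%d\n",
              (unsigned long long)l.work, l.accepted_all);
  return 0;
}
```

The point a defender should take from the run is that the byte limit alone does not bound CPU: both checks accept the same 20,000-byte request, but the quadratic one visits 50,005,000 headers to do so while the linear one visits 10,000. A header-count limit or a running-size check is what removes the amplification; lowering the byte limit only shrinks n without changing the n^2 shape.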

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (1 package)

NVD: envoyproxy/envoy, 16 versions (+15)

Patches

🔴Vulnerability Details

1
GHSA
GHSA-cggr-h689-7v7x (2022-05-24): Upon receiving each incoming request header data, Envoy will iterate over existing request headers to verify that the total size of the headers stays

📋Vendor Advisories

1
Red Hat
envoy: crafted request allows remote attacker to cause denial of service (2019-10-08)

💬Community

1
Bugzilla
CVE-2019-15226 envoy: crafted request allows remote attacker to cause denial of service (2019-09-19)
CVE-2019-15226 — Uncontrolled Resource Consumption | cvebase