CVE-2019-18836 — Infinite Loop in Envoy

CWE-835 — Infinite Loop CWE-400 — Uncontrolled Resource Consumption8 documents6 sources

Severity

7.5HIGHNVD

EPSS

0.2%

top 63.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Istio.io Istio Istio Envoyproxy Envoy

Timeline

PublishedNov 11

Latest updateMay 24

Description

Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continue_on_listener_filters_timeout is used."

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶NVDenvoyproxy/envoy1.12.0

▶NVDistio/istio1.3 — 1.3.5+1

▶Goistio.io/istio1.3.0 — 1.3.5

🔴Vulnerability Details

GHSA

GHSA-4r53-8549-7m3r: Envoy before 1↗2022-05-24

▶

GHSA

Istio vulnerable to denial of service↗2022-05-24

▶

OSV

Istio vulnerable to denial of service↗2022-05-24

▶

📋Vendor Advisories

Red Hat

istio/envoy: infinite loop in Envoy, and subsequently Istio leads to a DoS↗2019-11-11

▶

Red Hat

envoy: excessive iteration due to listener filter timeout leads to DoS↗2019-11-11

▶

💬Community

Bugzilla

CVE-2019-18836 envoy: excessive iteration due to listener filter timeout leads to DoS↗2019-11-11

▶