CVE-2021-32780Improper Check for Unusual or Exceptional Conditions in Envoy

CWE-754Improper Check for Unusual or Exceptional ConditionsCWE-20Improper Input Validation4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 79.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Github.com Pomerium PomeriumEnvoyproxy Envoy
Timeline
PublishedAug 24
Latest updateSep 10

Description

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions Envoy transitions a H/2 connection to the CLOSED state when it receives a GOAWAY frame without any streams outstanding. The connection state is transitioned to DRAINING when it receives a SETTING frame with the SETTINGS_MAX_CONCURRENT_STREAMS parameter set to 0. Receiving these two frames in the same I/O event results in abnormal termination of the Envoy process d

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

NVDenvoyproxy/envoy1.18.01.18.4+1
CVEListV5envoyproxy/envoy>= 1.18.0, < 1.18.4, >= 1.19.0, < 1.19.1+1

🔴Vulnerability Details

2
OSV
Incorrect handling of H2 GOAWAY + SETTINGS frames2021-09-10
GHSA
Incorrect handling of H2 GOAWAY + SETTINGS frames2021-09-10

📋Vendor Advisories

1
Red Hat
envoyproxy/envoy: denial of service when receiving a GOAWAY frame followed by a SETTINGS frame2021-08-24
CVE-2021-32780 — Envoyproxy Envoy vulnerability | cvebase