CVE-2021-43825
published 2022-02-22CVE-2021-43825: Envoy is an open source edge and service proxy, designed for cloud-native applications. Sending a locally generated response must stop further processing of…
PriorityP337high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.86%
54.0th percentile
Envoy is an open source edge and service proxy, designed for cloud-native applications. Sending a locally generated response must stop further processing of request or response data. Envoy tracks the amount of buffered request and response data and aborts the request if the amount of buffered data is over the limit by sending 413 or 500 responses. However when the buffer overflows while response is processed by the filter chain the operation may not be aborted correctly and result in accessing a freed memory block. If this happens Envoy will crash resulting in a denial of service.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| envoyproxy | envoy | < 1.18.6 | 1.18.6 |
| envoyproxy | envoy | — | — |
| envoyproxy | envoy | — | — |
| envoyproxy | envoy | — | — |
| envoyproxy | envoy | >= 1.19.0 < 1.19.3 | 1.19.3 |
| envoyproxy | envoy | >= 1.20.0 < 1.20.2 | 1.20.2 |
| envoyproxy | envoy | >= 1.21.0 < 1.21.1 | 1.21.1 |
| github.com | pomerium_pomerium | >= 0 < 0.16.4 | 0.16.4 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
ghsa7.5HIGH
osv7.5HIGH
vendor_redhat6.1MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Multiple security issues in Pomerium's embedded envoy
osv·2022-03-01·CVSS 7.5
[HIGH] Multiple security issues in Pomerium's embedded envoy
Multiple security issues in Pomerium's embedded envoy
Envoy, which Pomerium is based on, has issued multiple CVEs impacting stability and security.
Though Pomerium may not be vulnerable to all of the issues, it is recommended that all users upgrade to Pomerium v0.16.4 as soon as possible to minimize risk.
### Impact
- Possible DoS or crash
- Resources available to unauthorized users
- Pomerium may trust upstream certificates that should not be trusted
### Patches
Patched in v0.16.4
### Workarounds
No
### References
[Envoy Security Announcement](https://groups.google.com/g/envoy-security-announce/c/QBGxoqZdTR4)
* [CVE-2021-43824](https://github.com/envoyproxy/envoy/security/advisories/GHSA-vj5m-rch8-5r2p) (CVSS Score 6.5, Medium): Envoy 1.21.0 and earlier - Potential null pointer d
GHSA
Multiple security issues in Pomerium's embedded envoy
ghsa·2022-03-01·CVSS 7.5
[HIGH] Multiple security issues in Pomerium's embedded envoy
Multiple security issues in Pomerium's embedded envoy
Envoy, which Pomerium is based on, has issued multiple CVEs impacting stability and security.
Though Pomerium may not be vulnerable to all of the issues, it is recommended that all users upgrade to Pomerium v0.16.4 as soon as possible to minimize risk.
### Impact
- Possible DoS or crash
- Resources available to unauthorized users
- Pomerium may trust upstream certificates that should not be trusted
### Patches
Patched in v0.16.4
### Workarounds
No
### References
[Envoy Security Announcement](https://groups.google.com/g/envoy-security-announce/c/QBGxoqZdTR4)
* [CVE-2021-43824](https://github.com/envoyproxy/envoy/security/advisories/GHSA-vj5m-rch8-5r2p) (CVSS Score 6.5, Medium): Envoy 1.21.0 and earlier - Potential null pointer d
Red Hat
envoy: Use-after-free when response filters increase response data
vendor_redhat·2022-02-22·CVSS 6.1
CVE-2021-43825 [MEDIUM] CWE-416 envoy: Use-after-free when response filters increase response data
envoy: Use-after-free when response filters increase response data
Envoy is an open source edge and service proxy, designed for cloud-native applications. Sending a locally generated response must stop further processing of request or response data. Envoy tracks the amount of buffered request and response data and aborts the request if the amount of buffered data is over the limit by sending 413 or 500 responses. However when the buffer overflows while response is processed by the filter chain the operation may not be aborted correctly and result in accessing a freed memory block. If this happens Envoy will crash resulting in a denial of service.
A flaw was found in envoy. If the amount of buffered data by envoy goes over the limit, the buffer may overflow while a response is being proce
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/envoyproxy/envoy/commit/148de954ed3585d8b4298b424aa24916d0de6136https://github.com/envoyproxy/envoy/security/advisories/GHSA-h69p-g6xg-mhhhhttps://github.com/envoyproxy/envoy/commit/148de954ed3585d8b4298b424aa24916d0de6136https://github.com/envoyproxy/envoy/security/advisories/GHSA-h69p-g6xg-mhhh
2022-02-22
Published