CVE-2026-47205
Published 2026-06-26
Priority: P4 34 · medium · 5.9 (CVSS 3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS: 0.39% (30.6th percentile)
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free (UAF) vulnerability that ends in a segmentation fault exists in Envoy's ext_authz HTTP filter when per-route authorization overrides are processed concurrently with rapid downstream client disconnects.

During a normal request lifecycle, Envoy instantiates the ext_authz filter with a default authorization client object (client_). If the matched route specifies a per-route HTTP or gRPC authorization service override, the filter creates a route-local client. In the vulnerable implementation, this transient client overwrote the default client_ unique pointer via client_ = std::move(per_route_client).

When a downstream client rapidly opens and then tears down a stream (for example, by repeatedly refreshing a protected WebSocket endpoint), the teardown runs the ConnectionManagerImpl::doDeferredStreamDestroy() -> ActiveStream::onResetStream() lifecycle. Envoy then calls Filter::onDestroy(), which attempts to abort any dispatched asynchronous authorization check via client_->cancel(). Because the default client was destroyed abruptly during initiateCall, a lifecycle mismatch arises within the async client manager: the stream teardown fails to track and cancel the dynamically bound asynchronous authorization tasks, and a late asynchronous callback from the network runs against an already-destroyed ActiveStream, producing the UAF and crashing the process.

This vulnerability is fixed in 1.36.9, 1.37.5, and 1.38.3.
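The object-lifetime pattern described above, as an added C++ model that is not Envoy's code: the default client has a check dispatched when the per-route override overwrites client_, so the teardown's cancel reaches only the replacement and a stale task pointer survives. The hardened variant keeps the per-route client in its own slot and cancels both; that is an illustrative mitigation, not necessarily the upstream patch, and every name here is constructed.

```cpp
#include <algorithm>
#include <memory>
#include <set>
#include <vector>

// Constructed model of the lifecycle in CVE-2026-47205; not Envoy code.
// The manager holds non-owning pointers to clients with dispatched checks,
// standing in for the async client manager's tracked authorization tasks.
struct Client;
struct AsyncManager {
  std::vector<Client*> inflight;  // checks dispatched but not yet answered
  std::set<Client*> live;         // bookkeeping only: which clients still exist
  void cancelFor(Client* c) { inflight.erase(std::remove(inflight.begin(), inflight.end(), c), inflight.end()); }
  // A late network callback would dereference each inflight pointer (the UAF);
  // here we only count how many of them no longer point at a live client.
  int dangling() const { int n = 0; for (Client* c : inflight) n += !live.count(c); return n; }
};
struct Client {
  AsyncManager& mgr;
  explicit Client(AsyncManager& m) : mgr(m) { mgr.live.insert(this); }
  ~Client() { mgr.live.erase(this); }  // destruction does not cancel its own pending check
  void initiateCall() { mgr.inflight.push_back(this); }
  void cancel() { mgr.cancelFor(this); }
};
struct Filter {
  AsyncManager& mgr;
  std::unique_ptr<Client> client_;            // default client created with the filter
  std::unique_ptr<Client> per_route_client_;  // hardened variant: own slot, no overwrite
  bool vulnerable;
  Filter(AsyncManager& m, bool v) : mgr(m), client_(std::make_unique<Client>(m)), vulnerable(v) {}
  // Assumes the default client already has a check dispatched when the per-route
  // override is applied (a simplification of the race described in the advisory).
  void applyPerRouteOverride() {
    client_->initiateCall();
    auto per_route = std::make_unique<Client>(mgr);
    if (vulnerable) client_ = std::move(per_route);  // destroys default client, its check still pending
    else per_route_client_ = std::move(per_route);
    (per_route_client_ ? per_route_client_ : client_)->initiateCall();
  }
  // Stream teardown path (Filter::onDestroy): cancels only the clients it still owns.
  void onDestroy() {
    client_->cancel();
    if (per_route_client_) per_route_client_->cancel();
  }
};
// Returns how many stale task pointers a late callback would hit after teardown.
int simulateTeardown(bool vulnerable) {
  AsyncManager mgr;
  { Filter f(mgr, vulnerable); f.applyPerRouteOverride(); f.onDestroy(); }
  return mgr.dangling();
}
```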
Affected

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| envoyproxy | envoy | >= 1.36.0 < 1.36.9 | 1.36.9 |
| envoyproxy | envoy | >= 1.37.0 < 1.37.5 | 1.37.5 |
| envoyproxy | envoy | >= 1.38.0 < 1.38.3 | 1.38.3 |
CVSS provenance

| Source | Score | Severity | Vector |
|---|---|---|---|
| NVD (v3.1) | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
| vendor_redhat | 5.9 | MEDIUM | — |
Red Hat

CVE-2026-47205 [MEDIUM] Envoy: ext_authz Use-After-Free during Stream Teardown with Per-Route Overrides
Source: vendor_redhat · 2026-06-26 · CVSS 5.9
No description is available for this CVE.
Statement: Red Hat products ship Envoy versions prior to 1.36.0, which do not contain the vulnerable ext_authz per-route override code introduced in 1.36.0. Red Hat products are therefore not affected by this vulnerability.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Package: openshift-service-mesh/proxyv2-rhel9 (OpenShift Service Mesh 2) - Not affected
Package: openshift-service-mesh/istio-proxyv2-rhel9 (OpenShift Service Mesh 3) - Not affected
VulDB

CVE-2026-47205 [MEDIUM] envoyproxy envoy up to 1.36.8/1.37.4/1.38.2 Protected WebSocket Endpoint doDeferredStreamDestroy use after free
Source: vuldb · 2026-06-26 · CVSS 5.9
A vulnerability labeled as critical has been found in envoyproxy envoy up to 1.36.8/1.37.4/1.38.2. Affected by this issue is the function ConnectionManagerImpl::doDeferredStreamDestroy of the component Protected WebSocket Endpoint. Such manipulation leads to use after free.
This vulnerability is uniquely identified as CVE-2026-47205. The attack can be launched remotely. No exploit exists.
The affected component should be upgraded.
No detection rules found.
No public exploits indexed.