CVE-2024-23322

Summary

Envoy is a high-performance edge/middle/service proxy. Envoy will crash when certain timeouts happen within the same interval. The crash occurs when the following are true: 1. hedge_on_per_try_timeout is enabled, 2. per_try_idle_timeout is enabled (it can only be done in configuration), 3. per-try-timeout is enabled, either through headers or configuration and its value is equal, or within the backoff interval of the per_try_idle_timeout. This issue has been addressed in released 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected Software

VendorProductVersion RangeStatus
envoyproxyenvoy>= 1.29.0, < 1.29.1affected
envoyproxyenvoy>= 1.28.0, < 1.28.1affected
envoyproxyenvoy>= 1.27.0, < 1.27.3affected
envoyproxyenvoy< 1.26.7affected

Weaknesses

  • CWE-416: CWE-416: Use After Free

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References