CVE-2024-34362
5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Envoy is a cloud-native, open source edge and service proxy. There is a use-after-free in HttpConnectionManager (HCM) with EnvoyQuicServerStream that can crash Envoy. An attacker can exploit this vulnerability by sending a request without FIN, then a RESET_STREAM frame, and then after receiving the response, closing the connection.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| envoyproxy | envoy | >= 1.30.0, <= 11.30.1 | affected |
| envoyproxy | envoy | >= 1.29.0, <= 1.29.4 | affected |
| envoyproxy | envoy | >= 1.28.0, <= 1.28.3 | affected |
| envoyproxy | envoy | <= 1.27.5 | affected |
Weaknesses
- CWE-416: CWE-416: Use After Free
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.