CVE-2024-34362

Envoy is a cloud-native, open source edge and service proxy. There is a use-after-free in `HttpConnectionManager` (HCM) with `EnvoyQuicServerStream` that can crash Envoy. An attacker can exploit this vulnerability by sending a request without `FIN`, then a `RESET_STREAM` frame, and then after receiving the response, closing the connection.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*

History

12 Jun 2024, 13:29

Type Values Removed Values Added
References () https://github.com/envoyproxy/envoy/security/advisories/GHSA-hww5-43gv-35jv - () https://github.com/envoyproxy/envoy/security/advisories/GHSA-hww5-43gv-35jv - Exploit, Third Party Advisory
CPE cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
First Time Envoyproxy
Envoyproxy envoy

05 Jun 2024, 12:53

Type Values Removed Values Added
Summary
  • (es) Envoy es un proxy de servicio y borde de código abierto, nativo de la nube. Hay un use-after-free en `HttpConnectionManager` (HCM) con `EnvoyQuicServerStream` que puede bloquear Envoy. Un atacante puede explotar esta vulnerabilidad enviando una solicitud sin `FIN`, luego un framework `RESET_STREAM` y luego, después de recibir la respuesta, cerrando la conexión.

04 Jun 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-04 21:15

Updated : 2024-06-12 13:29


NVD link : CVE-2024-34362

Mitre link : CVE-2024-34362

CVE.ORG link : CVE-2024-34362


JSON object : View

Products Affected

envoyproxy

  • envoy
CWE
CWE-416

Use After Free