Envoy
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*
- < 1.37.1
- < 1.36.5
- < 1.35.9
- < 1.34.13
A denial-of-service vulnerability has been identified in Envoy versions prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13. The issue arises when the Utility::getAddressWithPort function is called with scoped IPv6 addresses, leading to a crash. This function is utilized in the data plane by the original_src filter and the dns filter. When a scoped IPv6 address is passed to the utility, it causes Envoy to crash, disrupting service.
Exploiting this vulnerability causes Envoy to crash, leading to a denial-of-service condition. This impacts users with the original_src filter configured or those whose Envoy instances process DNS responses containing scoped IPv6 addresses.
The vulnerability can be reproduced in two ways: 1. Method A (Original Src Filter): Configure the original src filter in Envoy and provide a scoped IPv6 address as the original source. 2. Method B (DNS Resolution): Trigger a DNS resolution process within Envoy that involves a DNS response containing a scoped IPv6 address.
Users can upgrade to Envoy versions 1.37.1, 1.36.5, 1.35.8, or 1.34.13 to address this vulnerability.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.