SB2020070147 - Multiple vulnerabilities in envoy
Published: July 1, 2020 Updated: August 8, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2020-12604)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream.
2) Resource exhaustion (CVE-ID: CVE-2020-12605)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs.
3) Resource exhaustion (CVE-ID: CVE-2020-12603)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames.
Remediation
Install update from vendor's website.
References
- https://github.com/envoyproxy/envoy/commits/master
- https://github.com/envoyproxy/envoy/security/advisories/GHSA-8hf8-8gvw-ggvx
- https://github.com/envoyproxy/envoy/security/advisories/GHSA-fjxc-jj43-f777
- https://github.com/envoyproxy/envoy-setec/issues/137
- https://github.com/envoyproxy/envoy/security/advisories/GHSA-pc38-4q6c-85p6
- https://github.com/envoyproxy/envoy-setec/issues/80