Crash when tunneling TCP over HTTP in Envoy
CVE-2021-43826

7.5HIGH

Key Information:

Vendor: Envoyproxy
Status: Envoy
Vendor: CVE Published:; 22 February 2022

What is CVE-2021-43826?

Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions of Envoy a crash occurs when configured for :ref:upstream tunneling <envoy_v3_api_field_extensions.filters.network.tcp_proxy.v3.TcpProxy.tunneling_config> and the downstream connection disconnects while the the upstream connection or http/2 stream is still being established. There are no workarounds for this issue. Users are advised to upgrade.

Affected Version(s)

envoy < 1.18.6 < 1.18.6

envoy >= 1.19.0, < 1.19.3 < 1.19.0, 1.19.3

envoy >= 1.20.0, < 1.20.2 < 1.20.0, 1.20.2

References

https://github.com/envoyproxy/envoy/security/advisories/G...

x_refsource_CONFIRM

https://github.com/envoyproxy/envoy/commit/ce0ae309057a21...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 22, 2022
Vulnerability Reserved
Nov 16, 2021

CVE-2021-43826 Data

JSON

Envoyproxy

What is CVE-2021-43826?

Affected Version(s)

References

CVSS V3.1

Timeline