Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-43826— Crash when tunneling TCP over HTTP in Envoy

CVSS 7.5 · High EPSS 0.10% · P26
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-43826

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Crash when tunneling TCP over HTTP in Envoy
Source: NVD (National Vulnerability Database)
Vulnerability Description
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions of Envoy a crash occurs when configured for :ref:`upstream tunneling <envoy_v3_api_field_extensions.filters.network.tcp_proxy.v3.TcpProxy.tunneling_config>` and the downstream connection disconnects while the the upstream connection or http/2 stream is still being established. There are no workarounds for this issue. Users are advised to upgrade.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
释放后使用
Source: NVD (National Vulnerability Database)
Vulnerability Title
Envoy 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Envoy是一款开源的分布式代理服务器。 Envoy 存在资源管理错误漏洞,该漏洞源于当为上游隧道配置envoy_v3_api_field_extensions.filters.network.tcp_proxy.v3.TcpProxy.tunneling_config时发生崩溃,并且下游连接断开,而上游连接或 http/2 流仍然存在。 没有解决此问题的方法。 建议用户升级。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
envoyproxyenvoy < 1.18.6 -

II. Public POCs for CVE-2021-43826

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-43826

登录查看更多情报信息。

Same Patch Batch · envoyproxy · 2022-02-22 · 8 CVEs total

CVE-2022-216557.5 HIGHIncorrect handling of internal redirects results in crash in Envoy
CVE-2021-438247.5 HIGHNull pointer dereference in envoy
CVE-2022-216547.4 HIGHIncorrect configuration handling allows TLS session re-use without re-validation in Envoy
CVE-2022-216567.4 HIGHX.509 subjectAltName matching bypass in Envoy
CVE-2022-216576.8 MEDIUMX.509 Extended Key Usage and Trust Purposes bypass in Envoy
CVE-2021-438256.1 MEDIUMUse-after-free in Envoy
CVE-2022-236064.4 MEDIUMCrash when a cluster is deleted in Envoy

IV. Related Vulnerabilities

Same product: envoy
Same vendor: envoyproxy
Same weakness: CWE-416

V. Comments for CVE-2021-43826

No comments yet

Leave a comment