ISTIO-SECURITY-2022-005

Ill-formed headers sent to Envoy in certain configurations can lead to unexpected memory access resulting in undefined behavior or crashing.

Jun 9, 2022

Disclosure Details
CVE(s)CVE-2022-31045
CVE-2022-29225
CVE-2022-29224
CVE-2022-29226
CVE-2022-29228
CVE-2022-29227
CVSS Impact Score7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected ReleasesAll releases prior to 1.12.0
1.12.0 to 1.12.7
1.13.0 to 1.13.4
1.14.0

CVE

CVE-2022-31045

Envoy CVEs

These Envoy CVEs do not directly impact Istio features, but we will still include them in the patch releases for 1.12.8, 1.13.5 and 1.14.1.

Am I Impacted?

You are at most risk if you you have an Istio ingress Gateway exposed to external traffic.

Credit

We would like to thank Otto van der Schaaf of Red Hat for the report.