CVE-2023-35942: Envoy's gRPC access log crash caused by the listener draining
First published: Tue Jun 27 2023(Updated: )
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.
Credit: security-advisories@github.com security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Envoyproxy Envoy | >=1.23.0<1.23.12 | |
| Envoyproxy Envoy | >=1.24.0<1.24.10 | |
| Envoyproxy Envoy | >=1.25.0<1.25.9 | |
| Envoyproxy Envoy | >=1.26.0<1.26.4 | |
| redhat/envoy | <1.26.3 | 1.26.3 |
| redhat/envoy | <1.25.8 | 1.25.8 |
| redhat/envoy | <1.24.9 | 1.24.9 |
| redhat/envoy | <1.23.11 | 1.23.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-35942?
CVE-2023-35942 is a vulnerability in Envoy, an open source edge and service proxy, that can cause a use-after-free crash when a gRPC access logger is used with the listener's global scope.
What is the severity of CVE-2023-35942?
CVE-2023-35942 has a severity rating of 6.5 (medium).
Which versions of Envoy are affected by CVE-2023-35942?
Envoy versions 1.23.0 to 1.23.12, 1.24.0 to 1.24.10, 1.25.0 to 1.25.9, and 1.26.0 to 1.26.4 are affected by CVE-2023-35942.
How can I fix CVE-2023-35942?
To fix CVE-2023-35942, you should update to Envoy version 1.23.13, 1.24.11, 1.25.10, 1.26.5, or later.
Where can I find more information about CVE-2023-35942?
You can find more information about CVE-2023-35942 in the following references: [GitHub Advisory](https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4), [Red Hat Errata](https://access.redhat.com/errata/RHSA-2023:4624), [Red Hat Security Advisory](https://access.redhat.com/security/cve/cve-2023-35942).
- collector/nvd-latest
- collector/nvd-index
- agent/type
- agent/author
- agent/softwarecombine
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/severity
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-35942
- agent/software-canonical-lookup
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/tags
- agent/event
- vendor/envoyproxy
- canonical/envoyproxy envoy
- version/envoyproxy envoy/1.24.0
- version/envoyproxy envoy/1.25.0
- version/envoyproxy envoy/1.26.0
- version/envoyproxy envoy/1.23.0
- package-manager/redhat