Integer overflow in large grpc-timeout values leads to unexpected timeout calculations
Package
No package listed
Affected versions
1.17.1, 1.16.2, 1.15.3, and 1.14.6
Patched versions
1.18.0, 1.17.2, 1.16.3, 1.15.4, and 1.14.7
Description
Credits
-
asraa Analyst
Brief Description
Remotely exploitable integer overflow via a very large grpc-timeout value causes undefined behavior.
Impact
Denial of service.
Mitigation
None.
References
https://blog.envoyproxy.io
https://github.com/envoyproxy/envoy/releases
Attack vector(s)
A remote attacker can send a very large value for a grpc-timeout to cause an integer overflow in the timeout calculation.