CVE-2022-21655

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-21655
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-21655.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-21655
Aliases
Downstream
Published
2022-02-22T22:40:11Z
Modified
2025-10-15T13:42:28.033349Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Incorrect handling of internal redirects results in crash in Envoy
Details

Envoy is an open source edge and service proxy, designed for cloud-native applications. The envoy common router will segfault if an internal redirect selects a route configured with direct response or redirect actions. This will result in a denial of service. As a workaround turn off internal redirects if direct response entries are configured on the same listener.

References

Affected packages

Git / github.com/envoyproxy/envoy

Affected ranges

Type
GIT
Repo
https://github.com/envoyproxy/envoy
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Type
GIT
Repo
https://github.com/envoyproxy/envoy
Events
Type
GIT
Repo
https://github.com/envoyproxy/envoy
Events
Type
GIT
Repo
https://github.com/envoyproxy/envoy
Events

Affected versions

v1.*

v1.0.0
v1.1.0
v1.10.0
v1.11.0
v1.12.0
v1.13.0
v1.14.0
v1.15.0
v1.16.0
v1.17.0
v1.18.0
v1.18.1
v1.18.2
v1.18.3
v1.18.4
v1.19.0
v1.19.1
v1.2.0
v1.20.0
v1.20.1
v1.21.0
v1.3.0
v1.4.0
v1.5.0
v1.6.0
v1.7.0
v1.8.0
v1.9.0

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-097fed22",
        "source": "https://github.com/envoyproxy/envoy/commit/af50070ee60866874b0a9383daf9364e884ded22",
        "signature_version": "v1",
        "target": {
            "file": "source/common/tcp_proxy/tcp_proxy.h"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "245673340480709380475607110780385137708",
                "285494569074532567258474565032572094364",
                "121492910522987967398570563042373873103",
                "208903825150298770882316003860954195851"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2022-21655-0e4fc27e",
        "source": "https://github.com/envoyproxy/envoy/commit/a79ca225f1ed924b855dff8a26bd7f7cdb84e694",
        "signature_version": "v1",
        "target": {
            "function": "Filter::onUpstreamEvent",
            "file": "source/common/tcp_proxy/tcp_proxy.cc"
        },
        "digest": {
            "function_hash": "63191530169222520921233896458439701262",
            "length": 711.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-25d456d2",
        "source": "https://github.com/envoyproxy/envoy/commit/a17cdcdfad24de101e95716b77549ba689824f25",
        "signature_version": "v1",
        "target": {
            "file": "source/common/tcp_proxy/tcp_proxy.cc"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "146243477446113422387021212725253250778",
                "38867459780981627133568037950540228786",
                "247042036583305394760031334831783811398",
                "325013980647195303750429821852338176203",
                "190222441294940987692714025372522320194",
                "233481120278761949454860284316900076892",
                "33182693539138785849824461743826464632",
                "238411867963402661331142337279192022640"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2022-21655-3fe0ae84",
        "source": "https://github.com/envoyproxy/envoy/commit/a79ca225f1ed924b855dff8a26bd7f7cdb84e694",
        "signature_version": "v1",
        "target": {
            "function": "Filter::onDownstreamEvent",
            "file": "source/common/tcp_proxy/tcp_proxy.cc"
        },
        "digest": {
            "function_hash": "243442652017391788382200176589855195754",
            "length": 648.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-49af67d3",
        "source": "https://github.com/envoyproxy/envoy/commit/a79ca225f1ed924b855dff8a26bd7f7cdb84e694",
        "signature_version": "v1",
        "target": {
            "file": "test/integration/tcp_tunneling_integration_test.cc"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "48555961344162091530114484247512887348",
                "262502622330308196055685632396206527810",
                "44051101608002913249948422506083140770"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-4f2f527a",
        "source": "https://github.com/envoyproxy/envoy/commit/a17cdcdfad24de101e95716b77549ba689824f25",
        "signature_version": "v1",
        "target": {
            "file": "test/integration/tcp_tunneling_integration_test.cc"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "48555961344162091530114484247512887348",
                "262502622330308196055685632396206527810",
                "44051101608002913249948422506083140770"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2022-21655-750e7fbb",
        "source": "https://github.com/envoyproxy/envoy/commit/4aaf9593152c6996b9da384c8918e9ad4f0abd4d",
        "signature_version": "v1",
        "target": {
            "function": "ConnPoolImplBase::checkForIdleAndCloseIdleConnsIfDraining",
            "file": "source/common/conn_pool/conn_pool_base.cc"
        },
        "digest": {
            "function_hash": "43013079311173114698727080572662162328",
            "length": 338.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-75516c6f",
        "source": "https://github.com/envoyproxy/envoy/commit/4aaf9593152c6996b9da384c8918e9ad4f0abd4d",
        "signature_version": "v1",
        "target": {
            "file": "source/common/conn_pool/conn_pool_base.h"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "238363169343804913942300291017684487943",
                "281075802092293195505541183629950851527",
                "190309091056183134939303314630437286332",
                "1336839216182560585869212455485126136",
                "91854374677920975889051724337189261314",
                "176073550574850004587196271703191506168",
                "54303611712421497849276770032572170236",
                "89596254872871249889385232134194772639",
                "232868586170569298338666905475474416875",
                "68418232771506422252069681807775341343"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2022-21655-8a3c3605",
        "source": "https://github.com/envoyproxy/envoy/commit/a17cdcdfad24de101e95716b77549ba689824f25",
        "signature_version": "v1",
        "target": {
            "function": "Filter::onUpstreamEvent",
            "file": "source/common/tcp_proxy/tcp_proxy.cc"
        },
        "digest": {
            "function_hash": "63191530169222520921233896458439701262",
            "length": 711.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-9c39651a",
        "source": "https://github.com/envoyproxy/envoy/commit/af50070ee60866874b0a9383daf9364e884ded22",
        "signature_version": "v1",
        "target": {
            "file": "test/integration/tcp_tunneling_integration_test.cc"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "222375982320279527150068471158201686244",
                "165738277750233846199418982723160704713",
                "44051101608002913249948422506083140770"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2022-21655-a6789e61",
        "source": "https://github.com/envoyproxy/envoy/commit/af50070ee60866874b0a9383daf9364e884ded22",
        "signature_version": "v1",
        "target": {
            "function": "Filter::onDownstreamEvent",
            "file": "source/common/tcp_proxy/tcp_proxy.cc"
        },
        "digest": {
            "function_hash": "296559161755360112084384558440136934044",
            "length": 808.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2022-21655-abeb66c1",
        "source": "https://github.com/envoyproxy/envoy/commit/a17cdcdfad24de101e95716b77549ba689824f25",
        "signature_version": "v1",
        "target": {
            "function": "Filter::onDownstreamEvent",
            "file": "source/common/tcp_proxy/tcp_proxy.cc"
        },
        "digest": {
            "function_hash": "243442652017391788382200176589855195754",
            "length": 648.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-bf50e605",
        "source": "https://github.com/envoyproxy/envoy/commit/4aaf9593152c6996b9da384c8918e9ad4f0abd4d",
        "signature_version": "v1",
        "target": {
            "file": "test/integration/cds_integration_test.cc"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "97652407307682118633090827808836069896",
                "202222073443799289957911450767890213833",
                "115564202354952612799820744008677299818",
                "100865938374520508671052066897428637482",
                "266358857140130331037141171435995735386",
                "241277250285489246241581928533925069698",
                "112864798336767260895615422020255373801",
                "326344252156913283305823248376635974319",
                "149501076714298581724217944116072240117",
                "20851967513280832025446682514306651511",
                "101660301215173511645125806388931558046",
                "161983258376373368998625288716073445864",
                "125013157627477663648794220335175813129",
                "114297756736507093046297363714182913184",
                "326342629182717535494243166437244508087",
                "129503348076797258550455082149053172774",
                "6063454819406071701935832397149074681",
                "25450544109902264946434894665349483615",
                "14209541420216802153449926603071335280",
                "28083104488430351869423149520385632380",
                "27329837804645812211356628610675816305"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-c143ebbc",
        "source": "https://github.com/envoyproxy/envoy/commit/a17cdcdfad24de101e95716b77549ba689824f25",
        "signature_version": "v1",
        "target": {
            "file": "source/common/tcp_proxy/tcp_proxy.h"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "245673340480709380475607110780385137708",
                "285494569074532567258474565032572094364",
                "189982742750395040949615227195286815818",
                "260972069293896305361331050164952443697"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-c4824ee2",
        "source": "https://github.com/envoyproxy/envoy/commit/a79ca225f1ed924b855dff8a26bd7f7cdb84e694",
        "signature_version": "v1",
        "target": {
            "file": "source/common/tcp_proxy/tcp_proxy.cc"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "146243477446113422387021212725253250778",
                "38867459780981627133568037950540228786",
                "247042036583305394760031334831783811398",
                "325013980647195303750429821852338176203",
                "190222441294940987692714025372522320194",
                "233481120278761949454860284316900076892",
                "33182693539138785849824461743826464632",
                "238411867963402661331142337279192022640"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-ce5c4e8e",
        "source": "https://github.com/envoyproxy/envoy/commit/4aaf9593152c6996b9da384c8918e9ad4f0abd4d",
        "signature_version": "v1",
        "target": {
            "file": "test/config/utility.h"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "150676539833679190158940891882333303963",
                "27409818851555323095073296906901027733",
                "55324179392422643085196396072729602785"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-cf3745ce",
        "source": "https://github.com/envoyproxy/envoy/commit/a79ca225f1ed924b855dff8a26bd7f7cdb84e694",
        "signature_version": "v1",
        "target": {
            "file": "source/common/tcp_proxy/tcp_proxy.h"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "26722413740939448104101388019871754100",
                "285494569074532567258474565032572094364",
                "189982742750395040949615227195286815818",
                "260972069293896305361331050164952443697"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-d54b575d",
        "source": "https://github.com/envoyproxy/envoy/commit/af50070ee60866874b0a9383daf9364e884ded22",
        "signature_version": "v1",
        "target": {
            "file": "source/common/tcp_proxy/tcp_proxy.cc"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "146243477446113422387021212725253250778",
                "48539946143607539866181123457421037495",
                "283468910120726656487263215273247794220",
                "32816829629574534818331468211218975208",
                "167487698232686579647343259536732486616",
                "18932793910309592312745692489877318569",
                "190222441294940987692714025372522320194",
                "233481120278761949454860284316900076892",
                "33182693539138785849824461743826464632",
                "238411867963402661331142337279192022640"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2022-21655-dc8d3820",
        "source": "https://github.com/envoyproxy/envoy/commit/4aaf9593152c6996b9da384c8918e9ad4f0abd4d",
        "signature_version": "v1",
        "target": {
            "function": "ConnPoolImplBase::closeIdleConnectionsForDrainingPool",
            "file": "source/common/conn_pool/conn_pool_base.cc"
        },
        "digest": {
            "function_hash": "83990222759686494038875668905777786185",
            "length": 528.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2022-21655-efb2c5e4",
        "source": "https://github.com/envoyproxy/envoy/commit/af50070ee60866874b0a9383daf9364e884ded22",
        "signature_version": "v1",
        "target": {
            "function": "Filter::onUpstreamEvent",
            "file": "source/common/tcp_proxy/tcp_proxy.cc"
        },
        "digest": {
            "function_hash": "63191530169222520921233896458439701262",
            "length": 711.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2022-21655-f0c98cd4",
        "source": "https://github.com/envoyproxy/envoy/commit/4aaf9593152c6996b9da384c8918e9ad4f0abd4d",
        "signature_version": "v1",
        "target": {
            "file": "source/common/conn_pool/conn_pool_base.cc"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "211063805449318930197667500157467379330",
                "238149429280769817104751274898789662521",
                "155508904057016497276277837828561242331",
                "306263256694188145409853147140795887683",
                "24621026682503930056724633583760538450",
                "210759516705868193041331552012792706907",
                "268100365964683135363265243678321089408",
                "116993638250131326183953285211810091083",
                "57246520075670457973995740670893215413",
                "194433285147185661463287816608904302305",
                "245699478661219870215728951569204544048",
                "286440446911758131586479113237388457926",
                "33382072507043576477734303938545662581",
                "298229981597606534667320296045042459684",
                "173090808602105440099610064642968627733",
                "210942585548006467924962946211585504886",
                "193341038770066763728097793037333651465",
                "340006873902019806079016649741212930377",
                "286206063645562425499514746822691310145",
                "291017590637862723045538078816014658015"
            ]
        },
        "deprecated": false
    }
]