CVE-2024-27919

Description

Envoy is a cloud-native, open-source edge and service proxy. In versions 1.29.0 and 1.29.1, theEnvoy HTTP/2 protocol stack is vulnerable to the flood of CONTINUATION frames. Envoy's HTTP/2 codec does not reset a request when header map limits have been exceeded. This allows an attacker to send an sequence of CONTINUATION frames without the END_HEADERS bit set causing unlimited memory consumption. This can lead to denial of service through memory exhaustion. Users should upgrade to versions 1.29.2 to mitigate the effects of the CONTINUATION flood. Note that this vulnerability is a regression in Envoy version 1.29.0 and 1.29.1 only. As a workaround, downgrade to version 1.28.1 or earlier or disable HTTP/2 protocol for downstream connections.

CVSS v3.1 Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weakness Type (CWE)

CWE-390 CWE-390

Affected Products

Vendor	Product	Versions
envoyproxy	envoy	All
envoyproxy	envoy	All

References

Advisories & Patches

https://github.com/envoyproxy/envoy/commit/57a02565532c18eb9df972a3e8974be3ae59f2d5 https://github.com/envoyproxy/envoy/security/advisories/GHSA-gghf-vfxp-799r https://github.com/envoyproxy/envoy/commit/57a02565532c18eb9df972a3e8974be3ae59f2d5 https://github.com/envoyproxy/envoy/security/advisories/GHSA-gghf-vfxp-799r

Other References

http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/3 http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/3 https://www.kb.cert.org/vuls/id/421644

Frequently Asked Questions

What is CVE-2024-27919? +

Envoy is a cloud-native, open-source edge and service proxy. In versions 1.29.0 and 1.29.1, theEnvoy HTTP/2 protocol stack is vulnerable to the flood of CONTINUATION frames. Envoy's HTTP/2 codec does not reset a request when header map limits have been exceeded. This allows an attacker to send an sequence of CONTINUATION frames without the END_HEADERS bit set causing unlimited memory consumption. This can lead to denial of service through memory exhaustion. Users should upgrade to versions 1.29.2 to mitigate the effects of the CONTINUATION flood. Note that this vulnerability is a regression in Envoy version 1.29.0 and 1.29.1 only. As a workaround, downgrade to version 1.28.1 or earlier or disable HTTP/2 protocol for downstream connections. It has a CVSS v3.1 base score of 7.5 (HIGH).

How severe is CVE-2024-27919? +

CVE-2024-27919 has a CVSS v3.1 score of 7.5 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.

What products are affected by CVE-2024-27919? +

CVE-2024-27919 affects products from envoyproxy, specifically: envoy. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2024-27919? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-46367 7.8

Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Detection of Error Condition Without Action vulnerability. A …

CVE-2024-49841 7.8

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

CVE-2025-26465 6.8

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a …

CVE-2025-27039 6.6

Memory corruption may occur while processing IOCTL call for DMM/WARPNCC CONFIG request.

CVE-2025-25204 6.3

`gh` is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a …

CVE-2024-12086 6.1

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from …