CVE-2024-32974
- Source
- https://cve.org/CVERecord?id=CVE-2024-32974
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-32974.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-32974
- Aliases
-
- BIT-envoy-2024-32974
- GHSA-mgxp-7hhp-8299
- Published
- 2024-06-04T21:00:07.788Z
- Modified
- 2026-03-14T12:33:43.087308Z
- Severity
-
- 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Envoy affected by a crash in EnvoyQuicServerStream::OnInitialHeadersComplete()
- Details
-
Envoy is a cloud-native, open source edge and service proxy. A crash was observed in
EnvoyQuicServerStream::OnInitialHeadersComplete()with following call stack. It is a use-after-free caused by QUICHE continuing push request headers afterStopReading()being called on the stream. As afterStopReading(), the HCM'sActiveStreammight have already be destroyed and any up calls from QUICHE could potentially cause use after free. - Database specific
{ "cna_assigner": "GitHub_M", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/32xxx/CVE-2024-32974.json", "cwe_ids": [ "CWE-416" ] }- References
Affected packages
Git / github.com/envoyproxy/envoy
Affected ranges
- Type
- GIT
- Repo
- https://github.com/envoyproxy/envoy
- Events
-
IntroducedLast affected
- Database specific
{ "versions": [ { "introduced": "1.29.0" }, { "last_affected": "1.29.4" } ] }
Affected versions
v1.*
v1.0.0
v1.1.0
v1.10.0
v1.11.0
v1.12.0
v1.13.0
v1.14.0
v1.15.0
v1.16.0
v1.17.0
v1.18.0
v1.18.1
v1.18.2
v1.19.0
v1.2.0
v1.20.0
v1.21.0
v1.22.0
v1.23.0
v1.24.0
v1.25.0
v1.26.0
v1.27.0
v1.27.1
v1.27.2
v1.27.3
v1.27.4
v1.27.5
v1.28.0
v1.28.1
v1.28.2
v1.28.3
v1.29.0
v1.29.1
v1.29.2
v1.29.3
v1.29.4
v1.3.0
v1.4.0
v1.5.0
v1.6.0
v1.7.0
v1.8.0
v1.9.0