Envoy Proxy Fixes Two Zero Day vulnerabilities (UDP Proxy, TCP Proxy) - CVE-2020-35470
The Envoy Proxy fixed two zero day vulnerabilities, from Envoy groups :
We are announcing the fixes for two zero days that were identified today:
1. Crash in UDP proxy when datagram size is greater than 1500. This can happen if either MTU greater than 1500 or if fragmented datagrams are forwarded and reassembled: https://github.com/envoyproxy/envoy/p.... This issue was already under embargo and a new issue was opened in public GitHub.
2. Proxy proto downstream address not restored correctly for non-HTTP connections: https://github.com/envoyproxy/envoy/p.... This issue was opened publicly recently but the security implications were not clear at the time. This will affect logging and network level RBAC for non-HTTP network connections.
Resources
https://groups.google.com/g/envoy-sec...
CVE-2020-35470 Detail
Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter (not HTTP filters).
https://nvd.nist.gov/vuln/detail/CVE-...
0:00
0:20 UDP Proxy Crash
2:15 Incorrect Downstream Remote Address
🎙️Listen to the Backend Engineering Podcast
https://husseinnasser.com/podcast
🏭 Backend Engineering Videos
• Backend Engineering (Beginner)
💾 Database Engineering Videos
• Database Engineering
🏰 Load Balancing and Proxies Videos
• Proxies
🏛️ Software Archtiecture Videos
• Software Architecture
📩 Messaging Systems
• Message Queues & PubSub Systems
Become a Member
/ @hnasr
Support me on PayPal
https://bit.ly/33ENps4
Stay Awesome,
Hussein
