
Envoy crashes when using an address type that isn’t supported by the OS

High
phlax published GHSA-5m7c-mrwr-pm26 Feb 9, 2024

Package

Envoy Proxy (Envoy)

Affected versions

<1.29.1

Patched versions

1.29.1, 1.28.1, 1.27.3, 1.26.7

Description

Summary

Envoy crashes in Proxy protocol when using an address type that isn’t supported by the OS

Details

Envoy is susceptible to crashing on a host with IPv6 disabled when a listener has the proxy protocol filter enabled and it receives a connection whose PROXY protocol header presents the client's IPv6 address. This is valid per the protocol: a client may present an IPv6 source address even though every hop in the chain, including the TCP connection to Envoy, is carried over IPv4, so the header cannot be rejected as malformed and an IPv6-disabled host must still handle the address family it cannot represent natively. Because any peer that can reach such a listener can send the header, no authentication is needed to trigger the crash, which is why the CVSS vector below records PR:N.
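The wire-level situation described above, as an added example that is not Envoy's own code: a small PROXY protocol v1 and v2 encoder and parser written to the HAProxy PROXY protocol specification, plus a helper that decides what a listener on an IPv6-disabled host should do with a TCP6 header carried over an IPv4 connection. The function names, the `host_supports_ipv6` probe and the strict-versus-fallback policy in `resolve_downstream` are this example's assumptions rather than Envoy's documented behaviour; the addresses used are constructed from documentation ranges.

```python
import ipaddress
import socket
import struct
from dataclasses import dataclass
from typing import Optional, Tuple

# PROXY protocol v2 constants (HAProxy PROXY protocol spec).
PP2_SIGNATURE = b"\r\n\r\n\x00\r\nQUIT\n"
PP2_VERSION = 0x20
PP2_CMD_LOCAL, PP2_CMD_PROXY = 0x00, 0x01
PP2_AF_UNSPEC, PP2_AF_INET, PP2_AF_INET6 = 0x00, 0x10, 0x20
PP2_TP_STREAM = 0x01


class ProxyProtocolError(ValueError):
    """Malformed or unsupported header: the caller closes the connection.
    Every parse failure surfaces as a ValueError (this class, or one raised by
    ipaddress/int on bad literals), never as an unhandled crash."""


@dataclass
class ProxyHeader:
    family: str            # "TCP4", "TCP6" or "UNSPEC"
    src: Optional[str]
    dst: Optional[str]
    sport: Optional[int]
    dport: Optional[int]
    consumed: int          # header bytes to strip before the application data


def build_v1_header(src: str, dst: str, sport: int, dport: int) -> bytes:
    """Text (v1) header; the family is taken from the address literals."""
    fam = "TCP4" if ipaddress.ip_address(src).version == 4 else "TCP6"
    return f"PROXY {fam} {src} {dst} {sport} {dport}\r\n".encode("ascii")


def build_v2_header(src: str, dst: str, sport: int, dport: int) -> bytes:
    """Binary (v2) header with the PROXY command and STREAM transport."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if s.version != d.version:
        raise ProxyProtocolError("mixed address families")
    fam = PP2_AF_INET if s.version == 4 else PP2_AF_INET6
    block = s.packed + d.packed + struct.pack("!HH", sport, dport)
    return (PP2_SIGNATURE + bytes([PP2_VERSION | PP2_CMD_PROXY, fam | PP2_TP_STREAM])
            + struct.pack("!H", len(block)) + block)


def parse_v1_header(data: bytes) -> ProxyHeader:
    end = data.find(b"\r\n")
    if not data.startswith(b"PROXY ") or end < 0 or end > 105:  # 107-byte line limit incl. CRLF
        raise ProxyProtocolError("not a PROXY v1 header")
    parts = data[:end].decode("ascii").split(" ")
    if len(parts) >= 2 and parts[1] == "UNKNOWN":
        return ProxyHeader("UNSPEC", None, None, None, None, end + 2)
    if len(parts) != 6 or parts[1] not in ("TCP4", "TCP6"):
        raise ProxyProtocolError("malformed v1 header")
    want = 4 if parts[1] == "TCP4" else 6
    s, d = ipaddress.ip_address(parts[2]), ipaddress.ip_address(parts[3])
    if s.version != want or d.version != want:
        raise ProxyProtocolError("address literal does not match declared family")
    return ProxyHeader(parts[1], str(s), str(d), int(parts[4]), int(parts[5]), end + 2)


def parse_v2_header(data: bytes) -> ProxyHeader:
    if len(data) < 16 or data[:12] != PP2_SIGNATURE:
        raise ProxyProtocolError("not a PROXY v2 header")
    ver_cmd, fam_tp, alen = data[12], data[13], struct.unpack("!H", data[14:16])[0]
    if ver_cmd & 0xF0 != PP2_VERSION:
        raise ProxyProtocolError("unsupported version")
    if len(data) < 16 + alen:
        raise ProxyProtocolError("truncated address block")
    body, fam = data[16:16 + alen], fam_tp & 0xF0
    if ver_cmd & 0x0F == PP2_CMD_LOCAL or fam == PP2_AF_UNSPEC:
        return ProxyHeader("UNSPEC", None, None, None, None, 16 + alen)
    if fam == PP2_AF_INET and alen >= 12:
        sp, dp = struct.unpack("!HH", body[8:12])
        return ProxyHeader("TCP4", str(ipaddress.IPv4Address(body[:4])),
                           str(ipaddress.IPv4Address(body[4:8])), sp, dp, 16 + alen)
    if fam == PP2_AF_INET6 and alen >= 36:
        sp, dp = struct.unpack("!HH", body[32:36])
        return ProxyHeader("TCP6", str(ipaddress.IPv6Address(body[:16])),
                           str(ipaddress.IPv6Address(body[16:32])), sp, dp, 16 + alen)
    raise ProxyProtocolError(f"unsupported or short address family 0x{fam:02x}")


def parse_header(data: bytes) -> ProxyHeader:
    """Dispatch on the wire prefix; anything else is not PROXY protocol."""
    if data.startswith(PP2_SIGNATURE):
        return parse_v2_header(data)
    if data.startswith(b"PROXY "):
        return parse_v1_header(data)
    raise ProxyProtocolError("no PROXY protocol header")


def host_supports_ipv6() -> bool:
    """Probe whether this OS will hand out an AF_INET6 socket at all (assumed probe)."""
    if not socket.has_ipv6:
        return False
    try:
        socket.socket(socket.AF_INET6, socket.SOCK_STREAM).close()
        return True
    except OSError:
        return False


def resolve_downstream(hdr: ProxyHeader, transport_peer: Tuple[str, int],
                       ipv6_ok: bool, strict: bool = False) -> Tuple[str, Tuple[str, int]]:
    """Choose the client address a listener reports. A TCP6 header is valid even
    when the TCP connection carrying it is IPv4, so on an IPv6-disabled host the
    header address cannot become a native socket address: either reject the
    connection (strict) or keep the transport peer. Policy is this example's
    assumption; the point is never to attempt a conversion the OS cannot do."""
    if hdr.family == "TCP6" and not ipv6_ok:
        if strict:
            raise ProxyProtocolError("TCP6 header on a host without IPv6")
        return ("transport", transport_peer)
    if hdr.family == "UNSPEC":
        return ("transport", transport_peer)
    return ("proxy_header", (hdr.src, hdr.sport))
```

A listener would call `parse_header` on the first bytes of each accepted connection, strip `consumed` bytes, and pass the result together with the socket's real peer address and `host_supports_ipv6()` to `resolve_downstream`. Running the TCP6 case with `ipv6_ok=False` is the exact situation the advisory describes: a well-formed header, an IPv4 transport, and a host that cannot build an IPv6 address.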

Impact

Denial of service

Credits

William Dauchy william.dauchy@datadoghq.com

Severity

High (7.5 / 10)

CVSS base metrics

Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE ID

CVE-2024-23325
