CVE-2026-47207 in envoy
Summary
by MITRE • 06/26/2026
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy crashes if an ext_proc server sends a single gRPC message containing multiple, specially crafted ProcessingResponse messages. This can occur when the first response in the batch causes the gRPC stream object to be destroyed, leading to a use-after-free error when Envoy attempts to process subsequent responses in the same gRPC message. This vulnerability is fixed in 1.35.13, 1.36.9, 1.37.5, and 1.38.3.
Analysis
by VulDB Data Team • 06/26/2026
This vulnerability affects Envoy proxy versions between 1.34.0 and 1.35.12, 1.36.8, 1.37.4, and 1.38.2, representing a critical use-after-free condition that can lead to proxy crashes and potential denial of service attacks. The flaw occurs within the external processing server integration where Envoy communicates with ext_proc servers using gRPC streams. When an ext_proc server sends a single gRPC message containing multiple ProcessingResponse messages, the first response in the sequence triggers destruction of the gRPC stream object while subsequent responses remain queued for processing. This creates a scenario where Envoy attempts to access memory that has already been freed, resulting in unpredictable behavior and system instability.
The root cause of this vulnerability is improper handling of the gRPC stream lifecycle within Envoy's external processing framework. The issue manifests when the first ProcessingResponse message causes the underlying gRPC stream object to be destroyed through normal cleanup, while the remaining responses in the same batch are still handed to Envoy's internal message handling logic. This race condition between stream destruction and message processing creates a use-after-free error that can trigger an immediate crash or subtler memory corruption. The vulnerability specifically affects the ext_proc filter, which integrates external processing servers for advanced proxy operations such as request/response modification, authentication, and policy enforcement.
From an operational perspective, this vulnerability represents a significant risk to cloud-native environments relying on Envoy proxies for traffic management and service mesh operations. Attackers could exploit this weakness by crafting malicious gRPC responses from compromised or malicious ext_proc servers, potentially causing cascading failures across proxy clusters and disrupting service availability. The impact extends beyond individual proxy instances as the crash behavior can propagate through service mesh architectures, affecting multiple dependent services. Organizations using Envoy in production environments face potential business disruption and service degradation when this vulnerability is exploited, particularly in high-availability deployments where proxy stability is critical for maintaining service continuity.
The fix implemented in versions 1.35.13, 1.36.9, 1.37.5, and 1.38.3 addresses the root cause by ensuring proper synchronization between gRPC stream destruction and message processing. These updates modify the external processing filter logic to maintain references to stream objects until all messages in a batch have been fully processed, preventing the premature cleanup that leads to the use-after-free condition. Organizations should prioritize an immediate upgrade to these patched versions. While awaiting patch deployment, security teams should also monitor for unusual proxy behavior and consider network segmentation to limit exposure to untrusted ext_proc server communications.
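As an added illustration that is not Envoy's code (every type and function name below is hypothetical), a small C++ model of the batched-response handling the analysis describes: the unsafe loop that keeps using a stream after an earlier response in the same batch destroyed it, beside the keep-alive pattern the fix description outlines.

```cpp
#include <memory>
#include <vector>

// Hypothetical model types (not Envoy's): one element per ProcessingResponse in a batched gRPC message.
struct ProcessingResponse { bool closesStream; };
struct Stream { int handled = 0; };

// The filter owns the stream; handling a response may tear the stream down as a side effect,
// mirroring "the first response in the batch causes the gRPC stream object to be destroyed".
struct Filter {
    std::shared_ptr<Stream> stream = std::make_shared<Stream>();
    void onResponse(Stream& s, const ProcessingResponse& r) {
        ++s.handled;
        if (r.closesStream) stream.reset();  // last owning reference dropped: the stream is freed
    }
};

// Unsafe pattern: a pointer captured before the loop is reused for every response in the batch.
// Instead of dereferencing freed memory, a weak_ptr counts how many responses would have done so.
int handleBatchUnsafe(Filter& f, const std::vector<ProcessingResponse>& batch) {
    Stream* raw = f.stream.get();
    std::weak_ptr<Stream> alive = f.stream;
    int useAfterFree = 0;
    for (const auto& r : batch) {
        if (alive.expired()) { ++useAfterFree; continue; }  // real code would touch *raw here
        f.onResponse(*raw, r);
    }
    return useAfterFree;
}

// Hardened pattern: keep the stream alive for the whole batch and stop once it has been closed.
int handleBatchSafe(Filter& f, const std::vector<ProcessingResponse>& batch) {
    std::shared_ptr<Stream> keepAlive = f.stream;  // outlives any reset() inside the loop
    int processed = 0;
    for (const auto& r : batch) {
        if (!f.stream) break;  // closed by an earlier response: ignore the remainder of the batch
        f.onResponse(*keepAlive, r);
        ++processed;
    }
    return processed;
}

// Constructed batch: the first response closes the stream, two more follow in the same message.
std::vector<ProcessingResponse> craftedBatch() { return {{true}, {false}, {false}}; }

int unsafeUseAfterFreeCount() { Filter f; return handleBatchUnsafe(f, craftedBatch()); }  // returns 2
int safeProcessedCount()      { Filter f; return handleBatchSafe(f, craftedBatch()); }    // returns 1
```

The two trailing responses are exactly the ones the unsafe loop would touch after the stream is gone; the hardened loop handles only the first and drops the rest.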
This vulnerability aligns with CWE-416, Use After Free, which describes the condition where a program continues to use a pointer after the memory it points to has been freed. The issue also demonstrates characteristics consistent with ATT&CK technique T1498.001, Network Denial of Service, as exploitation can lead to proxy crashes and service disruption. Additionally, this represents a software reliability issue that falls under the category of memory safety vulnerabilities, making it particularly concerning for cloud-native environments where proxy stability directly impacts overall system resilience and availability. The vulnerability underscores the importance of proper resource management in asynchronous communication systems and highlights the need for robust testing of edge cases involving stream lifecycle management in distributed proxy architectures.