{"id":"CVE-2024-23322","summary":"Envoy crashes when idle and request per try timeout occur within the backoff interval","details":"Envoy is a high-performance edge/middle/service proxy. Envoy will crash when certain timeouts happen within the same interval. The crash occurs when the following are true: 1. hedge_on_per_try_timeout is enabled, 2. per_try_idle_timeout is enabled (it can only be done in configuration), 3. per-try-timeout is enabled, either through headers or configuration and its value is equal, or within the backoff interval of the per_try_idle_timeout. This issue has been addressed in releases 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.","aliases":["BIT-envoy-2024-23322","GHSA-6p83-mfmh-qv38"],"modified":"2026-04-14T04:45:04.429184Z","published":"2024-02-09T22:51:53.539Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/23xxx/CVE-2024-23322.json","cna_assigner":"GitHub_M","cwe_ids":["CWE-416"]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/23xxx/CVE-2024-23322.json"},{"type":"ADVISORY","url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-6p83-mfmh-qv38"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-23322"},{"type":"FIX","url":"https://github.com/envoyproxy/envoy/commit/843f9e6a123ed47ce139b421c14e7126f2ac685e"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/envoyproxy/envoy","events":[{"introduced":"51964702956d64adcd1df6b8ea132e863fe78e74"},{"fixed":"a0e580408ef4568b0a16c6663b6d8ae0c46aba6a"},{"introduced":"7bba38b743bb3bca22dffb4a21c38ccc155fbef8"},{"fixed":"0fd81ee7ffcd7cfc864094b24dc9b5c3ade89ff2"},{"introduced":"b5ca88acee3453c9459474b8f22215796eff4dde"},{"fixed":"0de8b2b94c75dbe8c2f897058e16d23d959783fa"},{"introduced":"a6d1d66a62b985baed414ba90ad0daebfc074664"},{"fixed":"4fda4d79d06e1bd59e591be3f348223495083648"},{"fixed":"843f9e6a123ed47ce139b421c14e7126f2ac685e"}],"database_specific":{"versions":[{"introduced":"1.26.0"},{"fixed":"1.26.7"},{"introduced":"1.27.0"},{"fixed":"1.27.3"},{"introduced":"1.28.0"},{"fixed":"1.28.1"},{"introduced":"1.29.0"},{"fixed":"1.29.1"}]}}],"versions":["v1.26.0","v1.26.1","v1.26.2","v1.26.3","v1.26.4","v1.26.5","v1.26.6","v1.27.0","v1.27.1","v1.27.2","v1.28.0","v1.29.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-23322.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}