Envoy Gateway CVE-2026-53716
MEDIUMSeverity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
S:C corrects the provided vector's S:U because the shared controller crash disrupts all co-tenants; PR:L reflects RBAC-gated EnvoyExtensionPolicy creation access.
Primary rating from GitHub Advisory.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionGitHub Advisory
Vulnerability report without repro case. Repro case may be added later after harness is complete.
Preconditions (4):
- Tenant can create EnvoyExtensionPolicy (baseline)
- Attacker hosts a gzip-bomb at a reachable URL
- sha256 unset (optional field; check is post-decompression anyway)
- No operator Wasm-URL allowlist (none exists in code)
Description
getFileFromGZ calls io.ReadAll on a raw gzip.Reader (httpfetcher.go:216) with no output bound, while the compressed input is capped at 256 MiB (httpfetcher.go:139). The bytes originate from a tenant-controlled EnvoyExtensionPolicy.spec.wasm[].code.http.url (envoyextensionpolicy.go:1077 → cache.go:248 → httpfetcher.go:147 → :233), so an untrusted tenant can point at a ~10 MiB gzip-of-zeros and force ~10 GiB allocation in the shared controller process. All candidate guards execute either before the body is buffered or after decompression. OOM-kills, restarts, re-reconciles same CR, crash-loops - persistent cross-tenant control-plane outage with PR:L/AC:L and scope change → HIGH despite availability-only.
AnalysisAI
Unbounded gzip decompression in Envoy Gateway's Wasm HTTP fetch path allows a low-privileged tenant to exhaust memory in the shared controller process via a crafted gzip-bomb URL, causing persistent cross-tenant control-plane outages. Any tenant with RBAC permission to create EnvoyExtensionPolicy resources can trigger approximately 10 GiB of heap allocation from a 10 MiB compressed payload, OOM-killing the controller; because the controller restarts and immediately re-reconciles the malicious custom resource, the crash-loop is self-sustaining and affects all co-tenants until the offending policy is deleted or the controller is patched. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that the attacker already holds Kubernetes RBAC permission to create or modify EnvoyExtensionPolicy custom resources in at least one namespace served by the gateway controller - this is the baseline 'tenant' privilege described in the preconditions. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The provided CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, score 6.5) contains a significant inconsistency: the vulnerability description explicitly identifies a cross-tenant scope change - the shared controller process services all tenants, so one tenant's OOM kill disrupts all tenants' control-plane operations. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A tenant with EnvoyExtensionPolicy creation rights in a multi-tenant Envoy Gateway cluster hosts a ~10 MiB gzip-of-zeros file on any HTTP endpoint reachable by the controller pod, then creates an EnvoyExtensionPolicy referencing that URL as the Wasm module source. The controller fetches the file, decompresses it without bound into approximately 10 GiB of heap memory, receives an OOM kill from the Linux kernel, restarts, immediately re-reconciles the same custom resource, and enters a persistent crash-loop that prevents all tenants in the cluster from receiving control-plane configuration updates until an operator manually deletes the offending policy. |
| Remediation | Upgrade Envoy Gateway to version 1.7.4 (for 1.7.x deployments) or 1.8.1 (for 1.8.x deployments), as confirmed by the GitHub Security Advisory GHSA-cxpq-8v7q-cg56 at https://github.com/envoyproxy/gateway/security/advisories/GHSA-cxpq-8v7q-cg56. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-cxpq-8v7q-cg56