CVE-2019-18836 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2019-18836 Interim 1 14 2025-02-17T01:51:04Z current 2021-05-30T14:33:01Z 2025-02-17T01:51:04Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2019-18836 Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continue_on_listener_filters_timeout is used." The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2020-June/006950.html E-Mail link for SUSE-CU-2020:196-1 https://lists.suse.com/pipermail/sle-security-updates/2020-June/006952.html E-Mail link for SUSE-CU-2020:198-1 https://lists.suse.com/pipermail/sle-security-updates/2020-June/006954.html E-Mail link for SUSE-CU-2020:200-1 https://lists.suse.com/pipermail/sle-security-updates/2020-June/006955.html E-Mail link for SUSE-CU-2020:201-1 https://lists.suse.com/pipermail/sle-security-updates/2020-December/007995.html E-Mail link for SUSE-CU-2020:789-1 https://lists.suse.com/pipermail/sle-security-updates/2020-December/007998.html E-Mail link for SUSE-CU-2020:793-1 https://lists.suse.com/pipermail/sle-security-updates/2020-June/006902.html E-Mail link for SUSE-SU-2020:1573-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings Container caasp/v4/cert-exporter:2.3.0 Container caasp/v4/cilium-operator:1.6.6 Container caasp/v4/cilium:1.6.6 Container caasp/v4/hyperkube:v1.17.17 Container caasp/v4/kured:1.3.0 Container caasp/v4/metrics-server:0.3.6 SUSE CaaS Platform 4.0 bpftool-4.12.14-1.3.8.3 caasp-release-4.2.1-24.23.4 cert-exporter-2.3.0-1.3.4 cilium-1.6.6-3.3.8 cilium-cni-1.6.6-3.3.8 cilium-operator-1.6.6-3.3.8 cilium-proxy-20200109-3.3.11.1 iproute2-5.3-3.3.5 kured-1.3.0-4.17.5 libdd_opentracing0-1.0.1-3.7.3 libfmt6-6.1.2-3.3.5 libprotobuf-lite20-3.9.1-3.7.4 libsqlparser1-1.5+git20181206-1.6.6 libxxhash0-0.7.1-3.3.4 metrics-server-0.3.6-1.3.4 skuba-1.3.5-3.39.1 skuba-update-1.3.5-3.39.1 terraform-provider-vsphere-1.17.3-3.3.4 cert-exporter-2.3.0-1.3.4 as a component of Container caasp/v4/cert-exporter:2.3.0 cilium-operator-1.6.6-3.3.8 as a component of Container caasp/v4/cilium-operator:1.6.6 libprotobuf-lite20-3.9.1-3.7.4 as a component of Container caasp/v4/cilium-operator:1.6.6 bpftool-4.12.14-1.3.8.3 as a component of Container caasp/v4/cilium:1.6.6 cilium-1.6.6-3.3.8 as a component of Container caasp/v4/cilium:1.6.6 cilium-cni-1.6.6-3.3.8 as a component of Container caasp/v4/cilium:1.6.6 cilium-proxy-20200109-3.3.11.1 as a component of Container caasp/v4/cilium:1.6.6 iproute2-5.3-3.3.5 as a component of Container caasp/v4/cilium:1.6.6 libdd_opentracing0-1.0.1-3.7.3 as a component of Container caasp/v4/cilium:1.6.6 libfmt6-6.1.2-3.3.5 as a component of Container caasp/v4/cilium:1.6.6 libprotobuf-lite20-3.9.1-3.7.4 as a component of Container caasp/v4/cilium:1.6.6 libsqlparser1-1.5+git20181206-1.6.6 as a component of Container caasp/v4/cilium:1.6.6 libxxhash0-0.7.1-3.3.4 as a component of Container caasp/v4/cilium:1.6.6 iproute2-5.3-3.3.5 as a component of Container caasp/v4/hyperkube:v1.17.17 kured-1.3.0-4.17.5 as a component of Container caasp/v4/kured:1.3.0 metrics-server-0.3.6-1.3.4 as a component of Container caasp/v4/metrics-server:0.3.6 caasp-release-4.2.1-24.23.4 as a component of SUSE CaaS Platform 4.0 skuba-1.3.5-3.39.1 as a component of SUSE CaaS Platform 4.0 skuba-update-1.3.5-3.39.1 as a component of SUSE CaaS Platform 4.0 terraform-provider-vsphere-1.17.3-3.3.4 as a component of SUSE CaaS Platform 4.0 Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continue_on_listener_filters_timeout is used." CVE-2019-18836 Container caasp/v4/cert-exporter:2.3.0:cert-exporter-2.3.0-1.3.4 Container caasp/v4/cilium-operator:1.6.6:cilium-operator-1.6.6-3.3.8 Container caasp/v4/cilium-operator:1.6.6:libprotobuf-lite20-3.9.1-3.7.4 Container caasp/v4/cilium:1.6.6:bpftool-4.12.14-1.3.8.3 Container caasp/v4/cilium:1.6.6:cilium-1.6.6-3.3.8 Container caasp/v4/cilium:1.6.6:cilium-cni-1.6.6-3.3.8 Container caasp/v4/cilium:1.6.6:cilium-proxy-20200109-3.3.11.1 Container caasp/v4/cilium:1.6.6:iproute2-5.3-3.3.5 Container caasp/v4/cilium:1.6.6:libdd_opentracing0-1.0.1-3.7.3 Container caasp/v4/cilium:1.6.6:libfmt6-6.1.2-3.3.5 Container caasp/v4/cilium:1.6.6:libprotobuf-lite20-3.9.1-3.7.4 Container caasp/v4/cilium:1.6.6:libsqlparser1-1.5+git20181206-1.6.6 Container caasp/v4/cilium:1.6.6:libxxhash0-0.7.1-3.3.4 Container caasp/v4/hyperkube:v1.17.17:iproute2-5.3-3.3.5 Container caasp/v4/kured:1.3.0:kured-1.3.0-4.17.5 Container caasp/v4/metrics-server:0.3.6:metrics-server-0.3.6-1.3.4 SUSE CaaS Platform 4.0:caasp-release-4.2.1-24.23.4 SUSE CaaS Platform 4.0:skuba-1.3.5-3.39.1 SUSE CaaS Platform 4.0:skuba-update-1.3.5-3.39.1 SUSE CaaS Platform 4.0:terraform-provider-vsphere-1.17.3-3.3.4 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L