Uncontrolled Resource Consumption in envoyproxy/envoy

Summary

Envoy is a cloud-native, open-source edge, and service proxy. In the github.com/envoyproxy/envoy package versions through v1.26.7, v1.27.x through v1.27.3, v1.28.x through v1.28.1, and v1.29.x through v1.29.2, the Envoy HTTP/2 protocol stack is vulnerable to the "HTTP/2 CONTINUATION Flood" vulnerability via the "nghttp2" component. Envoy's HTTP/2 codec allows the client to send an unlimited number of "CONTINUATION" frames even after exceeding Envoy's header map limits. This allows an attacker to send a sequence of "CONTINUATION" frames without the "END_HEADERS" bit set causing CPU utilization, consuming approximately 1 core per 300Mbit/s of traffic, and culminating in Denial of Service through CPU exhaustion. Users should upgrade to one of the fixed versions to mitigate the effects of the "CONTINUATION" flood. As a workaround, it's also possible to disable the HTTP/2 protocol for downstream connections.