Envoy through 1.14.1 is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream. The attacker can cause data associated with many streams to be buffered forever.
Acknowledgments: Name: the Envoy security team
External References: https://istio.io/latest/news/security/istio-security-2020-007/
Upstream commit: https://github.com/envoyproxy/envoy/commit/5eba69a1f375413fb93fab4173f9c393ac8c2818
This issue has been addressed in the following products: OpenShift Service Mesh 1.1 Via RHSA-2020:2798 https://access.redhat.com/errata/RHSA-2020:2798
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-12604
This issue has been addressed in the following products: OpenShift Service Mesh 1.0 Via RHSA-2020:2864 https://access.redhat.com/errata/RHSA-2020:2864