CVE-2024-32975 Information

Description

Envoy is a cloud-native open source edge and service proxy. There is a crash at QuicheDataReader::PeekVarInt62Length(). It is caused by integer underflow in the QuicStreamSequencerBuffer::PeekRegion() implementation.

Reference

https://github.com/envoyproxy/envoy/security/advisories/GHSA-g9mq-6v96-cpqc