This repository contains a proof-of-concept (PoC) Python script to demonstrate the CPU exhaustion vulnerability in Envoy caused by a flood of CONTINUATION frames. Author: blackmagic 2024
Envoy is a cloud-native, open-source edge and service proxy designed for modern cloud-native applications. However, versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to a flood of CONTINUATION frames. The HTTP/2 codec in Envoy allows the client to send an unlimited number of CONTINUATION frames even after exceeding Envoy's header map limits. This PoC script sends a large number of CONTINUATION frames with a payload to simulate the vulnerability and exhaust the CPU resources of the target Envoy server.
- Clone the repository:
git clone https://github.com/blackmagic2023/Envoy-CPU-Exhaustion-Vulnerability-PoC.git- Navigate to the repository directory:
cd Envoy-CPU-Exhaustion-Vulnerability-PoC-
Modify the script as needed, including the TARGET_HOST, TARGET_PORT, NUM_CONTINUATION_FRAMES, and CONTINUATION_PAYLOAD variables according to your testing environment.
-
Run the Python script:
python3 envoyPOC.pyThis PoC script is provided for educational and research purposes only. Do not use this script for any illegal activities. Running this script against a production Envoy server without authorization may be illegal and unethical. Use it responsibly and only on systems you own or have explicit permission to test.