A flaw was found in Envoy. Envoy will crash when the http async client is handling sendLocalReply under some circumstances, such as websocket upgrade and requests mirroring. The http async client will crash during the sendLocalReply() in http async client if the http async client is duplicating the status code or if the destruction of the router is called at the destructor of the async stream while the stream is deferred or deleted. This issue occurs when the stream decoder is destroyed but it's reference is called in router.onDestroy(), causing a segment fault. This will impact ext_authz if the upgrade and connection header are allowed. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or…Read More