{"id":"CVE-2024-32975","summary":"Envoy crashes in QuicheDataReader::PeekVarInt62Length()","details":"Envoy is a cloud-native, open source edge and service proxy. There is a crash at `QuicheDataReader::PeekVarInt62Length()`. It is caused by integer underflow in the `QuicStreamSequencerBuffer::PeekRegion()` implementation.","aliases":["BIT-envoy-2024-32975","GHSA-g9mq-6v96-cpqc"],"modified":"2026-03-14T12:33:42.562363Z","published":"2024-06-04T21:00:03.208Z","database_specific":{"cwe_ids":["CWE-191"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/32xxx/CVE-2024-32975.json","cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/32xxx/CVE-2024-32975.json"},{"type":"ADVISORY","url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-g9mq-6v96-cpqc"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32975"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/envoyproxy/envoy","events":[{"introduced":"a6d1d66a62b985baed414ba90ad0daebfc074664"},{"last_affected":"8eef22b927682e9ff6f59cf9f26e440b41219fe6"}],"database_specific":{"versions":[{"introduced":"1.29.0"},{"last_affected":"1.29.4"}]}},{"type":"GIT","repo":"https://github.com/envoyproxy/envoy","events":[{"introduced":"b5ca88acee3453c9459474b8f22215796eff4dde"},{"last_affected":"a6bded6ebcd6ba479414dd2dd47e73c18d15708e"}],"database_specific":{"versions":[{"introduced":"1.28.0"},{"last_affected":"1.28.3"}]}},{"type":"GIT","repo":"https://github.com/envoyproxy/envoy","events":[{"introduced":"0"},{"last_affected":"be4f1cfd31c79fc05651efa2f88429b3c03d1d9e"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.27.5"}]}}],"versions":["v1.0.0","v1.1.0","v1.10.0","v1.11.0","v1.12.0","v1.13.0","v1.14.0","v1.15.0","v1.16.0","v1.17.0","v1.18.0","v1.18.1","v1.18.2","v1.19.0","v1.2.0","v1.20.0","v1.21.0","v1.22.0","v1.23.0","v1.24.0","v1.25.0","v1.26.0","v1.27.0","v1.27.1","v1.27.2","v1.27.3","v1.27.4","v1.27.5","v1.28.0","v1.28.1","v1.28.2","v1.28.3","v1.29.0","v1.29.1","v1.29.2","v1.29.3","v1.29.4","v1.3.0","v1.4.0","v1.5.0","v1.6.0","v1.7.0","v1.8.0","v1.9.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-32975.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}