Istio
1.30.2Networking & MessagingIstio 1.30.2 is a security-plus-bugfix patch release, its main content is fixes for 14 Envoy CVEs (one high-severity HTTP/3 DoS via QPACK, others medium to high) under ISTIO-SECURITY-2026-005, alongside operator-relevant changes to pilot-agent metric merging and new AuthorizationPolicy trust-domain fields.
security14 Envoy CVEs fixed under ISTIO-SECURITY-2026-005, several high severity
Applies to all 1.30.x deployments. Fixed a DoS in the HTTP/3 stack via QPACK blocked decoding, plus a JSON parser change limiting nesting depth to 1000 (previously the 10K fallback is reachable only if envoy.reloadable_features.limit_json_parser_nesting_depth is set to false) and a headers-only content-length validation fix gated by envoy.reloadable_features.quic_validate_headers_only_content_length. Upgrade to 1.30.2.
securityMultiple use-after-free and crash fixes across ext_authz, ext_proc, gRPC stats, and OAuth2 filters
Applies when ext_authz per-route service overrides are active and a downstream connection resets mid-authorization-check (CVE-2026-47205), or when ext_proc/gRPC stats/OAuth2 filters are in use. Upgrade to close use-after-free and padding-oracle issues; the OAuth2 filter now also supports AES-256-GCM cookie encryption via a gcm. marker.
breakingpilot-agent metric merging now rejects protobuf content type
Applies to deployments using pilot-agent metric merging (PILOT_AGENT_MERGE_ENVOY_STATS). Allowed content types are now restricted to text/plain and application/openmetrics-text; protobuf-based scraping of merged metrics will break. Check scrape configs before upgrading.
enhancementAuthorizationPolicy gains trust-domain matching
Applies to AuthorizationPolicy authors who want mTLS trust-domain-based access control. New trustDomains and notTrustDomains fields on Source let policies match or exclude requests by the trust domain in the peer certificate.
Key changes (8)
- ISTIO-SECURITY-2026-005 bundles fixes for 14 Envoy CVEs (max severity high); most notable are the HTTP/3 QPACK blocked-decoding DoS (GHSA-p7c7-7c47-pwch), the Zstd decompressor memory exhaustion (CVE-2026-48044), the %REQUESTED_SERVER_NAME% formatter crash (CVE-2026-47220), and the JSON nesting depth limit of 1000 (CVE-2026-48042)
- Use-after-free/crash fixes land in ext_authz (per-route overrides during connection reset), ext_proc, gRPC stats filter, and the async token callback path
- OAuth2 filter closes a padding oracle in AES-256-CBC cookie decryption and adds AES-256-GCM support
- pilot-agent metric merging now restricts allowed content types to text/plain and application/openmetrics-text, dropping protobuf support; a new PILOT_AGENT_MERGE_ENVOY_STATS env var controls the merge behavior
- AuthorizationPolicy Source gains trustDomains and notTrustDomains fields for trust-domain-based request matching
- Fixed a brief traffic outage on istio.io/rev label changes for Kubernetes Gateway/ListenerSet, and duplicate/excessive xDS pushes from WasmPlugin-to-TrafficExtension conversions
- Ambient mode: fixed pods dropping out of the host health-probe ipset after node/kubelet restart, which had caused kubelet probes to be rejected by ztunnel
- Plus several smaller fixes: warn-level logging for outdated Gateway API CRDs, sidecar config generation for pre-1.29.2, and a krt controller memory leak from stale reverse-index entries