Описание
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6.
A flaw was found in Cilium. When specific network configurations, including Native Routing, WireGuard, and Node Encryption, are enabled, Cilium incorrectly allows network traffic from Pods on other nodes. This can lead to unauthorized access to network communications and potential information disclosure.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-monitor-rhel9 | Not affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-operator-bundle | Not affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-podvm-builder-rhel9 | Not affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-podvm-payload-rhel9 | Not affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-rhel9-operator | Not affected | ||
| Multicluster Global Hub | multicluster-globalhub/multicluster-globalhub-grafana-rhel9 | Not affected | ||
| Network Observability Operator | network-observability/network-observability-ebpf-agent-rhel9 | Not affected | ||
| Network Observability Operator | network-observability/network-observability-flowlogs-pipeline-rhel9 | Not affected | ||
| OpenShift Developer Tools and Services | ocp-tools-4/jenkins-agent-base-rhel8 | Not affected | ||
| OpenShift Developer Tools and Services | ocp-tools-4/jenkins-agent-base-rhel9 | Not affected |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
6.1 Medium
CVSS3
Связанные уязвимости
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6.
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6.
Cilium is a networking, observability, and security solution with an e ...
Cilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabled
EPSS
6.1 Medium
CVSS3