Affected by GO-2023-1643
and 8 other vulnerabilities
GO-2023-1643: Potential network policy bypass when routing IPv6 traffic in github.com/cilium/cilium
GO-2023-1730: Debug mode leaks confidential data in Cilium in github.com/cilium/cilium
GO-2023-1785: Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium
GO-2023-2078: Kubernetes users may update Pod labels to bypass network policy in github.com/cilium/cilium
GO-2023-2079: Specific Cilium configurations vulnerable to DoS via Kubernetes annotations in github.com/cilium/cilium
GO-2023-2080: Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy in github.com/cilium/cilium
GO-2024-2656: Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium
GO-2024-2666: Insecure IPsec transparent encryption in github.com/cilium/cilium
GO-2024-3072: Policy bypass for Host Firewall policy due to race condition in Cilium agent in github.com/cilium/cilium
package
Version:
v1.10.15
Opens a new window with list of versions in this module.
Published: Sep 14, 2022
License: Apache-2.0
Opens a new window with license information.
Imports: 6
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
Package probe provides a collection of kernel-side BPF feature probes.
HaveFullLPM tests whether kernel supports fully functioning BPF LPM map
with proper bpf.GetNextKey() traversal. Needs 4.16 or higher.
func HaveIPv6Support() bool
HaveIPv6Support tests whether kernel can open an IPv6 socket. This will
also implicitly auto-load IPv6 kernel module if available and not yet
loaded.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.