Affected by GO-2023-2078
and 5 other vulnerabilities
GO-2023-2078 : Kubernetes users may update Pod labels to bypass network policy in github.com/cilium/cilium
GO-2023-2079 : Specific Cilium configurations vulnerable to DoS via Kubernetes annotations in github.com/cilium/cilium
GO-2023-2080 : Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy in github.com/cilium/cilium
GO-2024-2656 : Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium
GO-2024-2666 : Insecure IPsec transparent encryption in github.com/cilium/cilium
GO-2024-3072 : Policy bypass for Host Firewall policy due to race condition in Cilium agent in github.com/cilium/cilium
Discover Packages
github.com/cilium/cilium
pkg
cgroups
package
Version:
v1.12.10
Opens a new window with list of versions in this module.
Published: May 17, 2023
License: Apache-2.0
Opens a new window with license information.
Imports: 8
Opens a new window with list of imports.
Imported by: 10
Opens a new window with list of known importers.
Documentation
Documentation
¶
Rendered for
linux/amd64
windows/amd64
darwin/amd64
js/wasm
func CheckOrMountCgrpFS(mapRoot string )
CheckOrMountCgrpFS this checks if the cilium cgroup2 root mount point is
mounted and if not mounts it. If mapRoot is "" it will mount the default
location. It is harmless to have multiple cgroupv2 root mounts so unlike
BPFFS case we simply mount at the cilium default regardless if the system
has another mount created by systemd or otherwise.
GetCgroupRoot returns the path for the cgroupv2 mount
Source Files
¶
Click to show internal directories.
Click to hide internal directories.