Affected by GO-2023-1862
and 9 other vulnerabilities
GO-2023-1862: Cilium vulnerable to information leakage via incorrect ReferenceGrant handling in github.com/cilium/cilium
GO-2023-2078: Kubernetes users may update Pod labels to bypass network policy in github.com/cilium/cilium
GO-2023-2079: Specific Cilium configurations vulnerable to DoS via Kubernetes annotations in github.com/cilium/cilium
GO-2023-2080: Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy in github.com/cilium/cilium
GO-2024-2656: Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium
GO-2024-2666: Insecure IPsec transparent encryption in github.com/cilium/cilium
GO-2024-2922: Cilium leaks sensitive information in cilium-bugtool in github.com/cilium/cilium
GO-2024-3072: Policy bypass for Host Firewall policy due to race condition in Cilium agent in github.com/cilium/cilium
GO-2025-3635: In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters in github.com/cilium/cilium
GO-2025-4167: Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic in Ciliumgithub.com/cilium/cilium
package
Version:
v1.13.2
Opens a new window with list of versions in this module.
Published: Apr 17, 2023
License: Apache-2.0
Opens a new window with license information.
Imports: 7
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
Package probe provides a collection of kernel-side BPF feature probes.
HaveFullLPM tests whether kernel supports fully functioning BPF LPM map
with proper bpf.GetNextKey() traversal. Needs 4.16 or higher.
func HaveIPv6Support() bool
HaveIPv6Support tests whether kernel can open an IPv6 socket. This will
also implicitly auto-load IPv6 kernel module if available and not yet
loaded.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.