Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Antrea has invalid enforcement order for network policy rules caused by integer overflow
Vulnerability Description
Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to versions 2.3.2 and 2.4.3, Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug that causes incorrect OpenFlow priority calculations when handling a large numbers of policies with various priority values. This results in potentially incorrect traffic enforcement. This issue has been patched in versions 2.4.3.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Antrea 安全漏洞
Vulnerability Description
Antrea是antrea.io开源的一个Kubernetes网络配置软件。 Antrea 2.3.2之前版本和2.4.3之前版本存在安全漏洞,该漏洞源于网络策略优先级分配系统存在uint16算术溢出错误,可能导致流量强制执行不正确。
CVSS Information
N/A
Vulnerability Type
N/A