Cilium Networking Solution Vulnerability in GatewayAPI Controller
CVE-2024-42486
Currently unrated
What is CVE-2024-42486?
Cilium's GatewayAPI controller does not properly propagate changes to ReferenceGrant objects. In the Kubernetes Gateway API, a ReferenceGrant is the object that authorizes a cross-namespace reference: it lives in the namespace of the referenced object and lists which referrers (by group, kind and namespace) may point at which targets (by group, kind and, optionally, name). Because the affected Cilium versions do not reconcile dependent Gateways and Routes when a ReferenceGrant is modified or deleted, a Gateway can keep reading a Secret (for example, a TLS certificate) in another namespace after the grant that permitted it is gone, and an HTTPRoute, GRPCRoute or TCPRoute can keep forwarding traffic to a backend in another namespace that the grant no longer allows. The fix is included in Cilium v1.15.8 and v1.16.1. Users who cannot upgrade can work around the issue by modifying the affected Gateway, HTTPRoute, GRPCRoute or TCPRoute custom resources (for example, adding or changing an annotation), since any update to those objects triggers a reconciliation that re-evaluates the ReferenceGrants.
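The following Go program is an added illustration of the failure mode and the workaround described above; it is not Cilium's code, and its types are a reduced model of the Gateway API objects (ReferenceGrant spec.from and spec.to) rather than the real API types. The namespaces and object names (infra/edge-gw, certs/wildcard-tls, app/api-route, backend/api) are made up for the example. The reconciler caches one allow/deny decision per Gateway or Route; with watchGrants set to false it re-runs the check only when the Gateway or Route itself changes, which is the vulnerable behaviour, and with watchGrants set to true every ReferenceGrant deletion re-reconciles all dependents, which is the fixed behaviour. Touching the Gateway or Route after the grant is deleted models the documented workaround.

```go
package main

import "fmt"

// Reduced model of the Gateway API ReferenceGrant rule. This is an added example,
// not Cilium's implementation; the names below are constructed for illustration.

// ObjectRef identifies a Kubernetes object by API group, kind, namespace and name.
type ObjectRef struct{ Group, Kind, Namespace, Name string }

// GrantFrom mirrors ReferenceGrant.spec.from[]: who may reference.
type GrantFrom struct{ Group, Kind, Namespace string }

// GrantTo mirrors ReferenceGrant.spec.to[]: what may be referenced.
// An empty Name matches every object of that group/kind in the grant's namespace.
type GrantTo struct{ Group, Kind, Name string }

// ReferenceGrant lives in the namespace of the referenced (target) object.
type ReferenceGrant struct {
	Namespace, Name string
	From            []GrantFrom
	To              []GrantTo
}

// referenceAllowed applies the Gateway API rule: a cross-namespace reference is
// valid only while a ReferenceGrant in the target's namespace names both the
// referrer (group, kind, namespace) and the target (group, kind[, name]).
func referenceAllowed(from, to ObjectRef, grants []ReferenceGrant) bool {
	if from.Namespace == to.Namespace {
		return true // same-namespace references never need a grant
	}
	for _, g := range grants {
		if g.Namespace != to.Namespace {
			continue
		}
		fromOK := false
		for _, f := range g.From {
			if f.Group == from.Group && f.Kind == from.Kind && f.Namespace == from.Namespace {
				fromOK = true
				break
			}
		}
		if !fromOK {
			continue
		}
		for _, t := range g.To {
			if t.Group == to.Group && t.Kind == to.Kind && (t.Name == "" || t.Name == to.Name) {
				return true
			}
		}
	}
	return false
}

// reference is one cross-namespace edge: a Gateway -> Secret or a Route -> Service.
type reference struct{ From, To ObjectRef }

// Reconciler caches the last decision per referrer. watchGrants=false models the
// vulnerable controller: a ReferenceGrant change never re-runs the check.
type Reconciler struct {
	grants      []ReferenceGrant
	refs        map[string]reference
	allowed     map[string]bool // referrer key -> decision the data path acts on
	watchGrants bool
}

func NewReconciler(grants []ReferenceGrant, refs map[string]reference, watchGrants bool) *Reconciler {
	r := &Reconciler{grants: grants, refs: refs, allowed: map[string]bool{}, watchGrants: watchGrants}
	for key := range refs {
		r.Reconcile(key)
	}
	return r
}

// Reconcile re-evaluates one Gateway or Route against the grants that exist now.
func (r *Reconciler) Reconcile(key string) {
	ref := r.refs[key]
	r.allowed[key] = referenceAllowed(ref.From, ref.To, r.grants)
}

// DeleteGrant removes a ReferenceGrant. The fixed controller re-reconciles every
// dependent; the vulnerable one leaves the cached decisions untouched.
func (r *Reconciler) DeleteGrant(ns, name string) {
	kept := r.grants[:0]
	for _, g := range r.grants {
		if g.Namespace != ns || g.Name != name {
			kept = append(kept, g)
		}
	}
	r.grants = kept
	if r.watchGrants {
		for key := range r.refs {
			r.Reconcile(key)
		}
	}
}

// Scenario sets up the two references the advisory describes, deletes both grants,
// and reports whether each referrer still believes it is allowed. applyWorkaround
// models modifying the Gateway/Route so the controller reconciles it again.
func Scenario(watchGrants, applyWorkaround bool) (gatewayStillAllowed, routeStillAllowed bool) {
	const gw = "gateway.networking.k8s.io"
	grants := []ReferenceGrant{ // constructed sample grants, one per target namespace
		{Namespace: "certs", Name: "allow-gw-secrets", From: []GrantFrom{{gw, "Gateway", "infra"}}, To: []GrantTo{{"", "Secret", ""}}},
		{Namespace: "backend", Name: "allow-routes", From: []GrantFrom{{gw, "HTTPRoute", "app"}}, To: []GrantTo{{"", "Service", "api"}}},
	}
	refs := map[string]reference{ // constructed sample referrers
		"infra/edge-gw": {From: ObjectRef{gw, "Gateway", "infra", "edge-gw"}, To: ObjectRef{"", "Secret", "certs", "wildcard-tls"}},
		"app/api-route": {From: ObjectRef{gw, "HTTPRoute", "app", "api-route"}, To: ObjectRef{"", "Service", "backend", "api"}},
	}
	r := NewReconciler(grants, refs, watchGrants)
	r.DeleteGrant("certs", "allow-gw-secrets")
	r.DeleteGrant("backend", "allow-routes")
	if applyWorkaround {
		r.Reconcile("infra/edge-gw")
		r.Reconcile("app/api-route")
	}
	return r.allowed["infra/edge-gw"], r.allowed["app/api-route"]
}

func main() {
	g, rt := Scenario(false, false)
	fmt.Printf("vulnerable controller after grant deletion: gateway=%v route=%v\n", g, rt)
	g, rt = Scenario(false, true)
	fmt.Printf("vulnerable controller plus workaround:      gateway=%v route=%v\n", g, rt)
	g, rt = Scenario(true, false)
	fmt.Printf("fixed controller after grant deletion:      gateway=%v route=%v\n", g, rt)
}
```

Running it shows the first scenario still reporting both references as allowed after their grants are gone, while the workaround and the fixed behaviour both revoke them. On a real cluster the equivalent check is to delete a ReferenceGrant and confirm that the dependent Gateway or Route status changes without any other edit to those objects.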