Arithmetic Overflow Vulnerability in Antrea Networking Solution by Antrea
CVE-2026-25804

8 HIGH

Key Information:

Vendor: Antrea-io

Status
Vendor
CVE Published: 6 February 2026

What is CVE-2026-25804?

Antrea, a networking solution designed for Kubernetes, contains an arithmetic overflow vulnerability within its network policy priority assignment system. This issue affects versions prior to 2.3.2 and 2.4.3, leading to incorrect OpenFlow priority calculations when managing a substantial number of policies with diverse priority values. Consequently, this flaw can result in improper enforcement of network traffic rules, potentially compromising the desired security posture and overall functionality within Kubernetes environments.

Affected Version(s)

antrea < 2.3.2

antrea >= 2.4.0, < 2.4.3

CVSS V4

Score: 8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
