x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-47825

[GoVulnBot]

Advisory CVE-2024-47825 references a vulnerability in the following Go modules:

Module
github.com/cilium/cilium

Description:
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix (CIDRSet or toFQDN) and this narrower policy rule specifies either enableDefaultDeny: false or - toEntities: all. Note that a rule specifying toEntities: world or toEntities: 0.0.0.0/0 is insufficient, it must be to entity all.This issue has been patched in Cilium v1.14.16 and v1.15.10. As th...

References:

• ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2024-47825
• WEB: GHSA-3wwx-63fv-pfq6

Cross references:

• github.com/cilium/cilium appears in 24 other report(s):
  • data/excluded/GO-2022-0530.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-wc5v-r48v-g4vh #530) NOT_GO_CODE
  • data/excluded/GO-2023-1642.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-4hc4-pgfx-3mrx #1642) NOT_GO_CODE
  • data/reports/GO-2022-0393.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-c66w-hq56-4q97 #393)
  • data/reports/GO-2022-0457.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2022-29178 #457)
  • data/reports/GO-2022-0458.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2022-29179 #458)
  • data/reports/GO-2022-0959.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-pfhr-pccp-hwmh #959)
  • data/reports/GO-2023-1643.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-8fg8-jh2h-f2hc #1643)
  • data/reports/GO-2023-1644.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-r5x6-w42p-jhpp #1644)
  • data/reports/GO-2023-1730.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2023-29002 #1730)
  • data/reports/GO-2023-1785.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-2h44-x2wx-49f4 #1785)
  • data/reports/GO-2023-1862.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2023-34242 #1862)
  • data/reports/GO-2023-2078.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-gj2r-phwg-6rww #2078)
  • data/reports/GO-2023-2079.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-24m5-r6hv-ccgp #2079)
  • data/reports/GO-2023-2080.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-4xp2-w642-7mcx #2080)
  • data/reports/GO-2024-2568.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-25630 #2568)
  • data/reports/GO-2024-2569.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-25631 #2569)
  • data/reports/GO-2024-2653.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-68mj-9pjq-mc85 #2653)
  • data/reports/GO-2024-2656.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-j89h-qrvr-xc36 #2656)
  • data/reports/GO-2024-2657.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-v6q2-4qr3-5cw6 #2657)
  • data/reports/GO-2024-2666.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-pwqm-x5x6-5586 #2666)
  • data/reports/GO-2024-2922.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-37307 #2922)
  • data/reports/GO-2024-3071.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-42487 #3071)
  • data/reports/GO-2024-3072.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-42488 #3072)
  • data/reports/GO-2024-3074.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-42486 #3074)

See doc/quickstart.md for instructions on how to triage this report.

id: GO-ID-PENDING
modules:
    - module: github.com/cilium/cilium
      vulnerable_at: 1.16.3
summary: CVE-2024-47825 in github.com/cilium/cilium
cves:
    - CVE-2024-47825
references:
    - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-47825
    - web: https://github.com/cilium/cilium/security/advisories/GHSA-3wwx-63fv-pfq6
source:
    id: CVE-2024-47825
    created: 2024-10-21T21:01:37.861696643Z
review_status: UNREVIEWED

[tatianab]

Duplicate of #3208