Cilium · Cilium · CVE-2024-42488
**Name of the Vulnerable Software and Affected Versions**
Cilium versions prior to 1.14.14
Cilium versions 1.15.0 through 1.15.7
**Description**
A race condition in the Cilium agent can cause the agent to ignore labels that should be applied to a node, leading to policy bypass. This could cause CiliumClusterwideNetworkPolicies intended for nodes with the ignored label to not apply.
**Recommendations**
For Cilium versions prior to 1.14.14, update to version 1.14.14 or later.
For Cilium versions 1.15.0 through 1.15.7, update to version 1.15.8 or later.
As a temporary workaround, users unable to upgrade can restart the Cilium agent on affected nodes until the affected policies are confirmed to be working as expected.
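The version ranges above can be applied to a node inventory to decide which agents need the upgrade or, failing that, the restart workaround. This is an added example, not code from the Cilium project; the function names and the sample inventory are constructed, and treating pre-release or custom builds of a fixed release as needing manual review is an assumption.

```python
import re

# Affected ranges and fixed releases exactly as stated in the advisory text.
FIXED_1_14 = (1, 14, 14)
AFFECTED_1_15 = ((1, 15, 0), (1, 15, 7))
FIXED_1_15 = (1, 15, 8)

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(.*)$")


def triage(version: str) -> tuple[str, str]:
    """Return (status, action) for one Cilium agent version string."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        return "unknown", "unparsable version, check manually"
    triple = tuple(int(x) for x in m.group(1, 2, 3))
    suffix = m.group(4)
    if suffix and triple in (FIXED_1_14, FIXED_1_15):
        # Assumption: a pre-release or custom build tagged with a fixed
        # version number is not assumed to carry the fix.
        return "unknown", "pre-release or custom build, check manually"
    if triple < FIXED_1_14:
        return "affected", "upgrade to 1.14.14 or later"
    if AFFECTED_1_15[0] <= triple <= AFFECTED_1_15[1]:
        return "affected", "upgrade to 1.15.8 or later"
    return "not listed", "no action from this advisory"


def affected_nodes(inventory: dict[str, str]) -> list[str]:
    """Nodes that need the upgrade or, if that is not possible, the restart workaround."""
    return sorted(n for n, v in inventory.items() if triage(v)[0] == "affected")


# Constructed sample inventory: node name -> agent version as reported.
SAMPLE_INVENTORY = {
    "node-a": "v1.14.13",
    "node-b": "1.14.14",
    "node-c": "1.15.7",
    "node-d": "v1.15.8",
    "node-e": "1.15.8-rc.1",
    "node-f": "1.13.9",
    "node-g": "latest",
}

if __name__ == "__main__":
    for node, version in SAMPLE_INVENTORY.items():
        print(node, version, *triage(version))
```

Nodes reported as `unknown` should be resolved by hand rather than assumed safe.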