PT-2022-19433 · Cilium · Cilium

Joestringer · Published 2022-05-20 · Updated 2024-08-21 · CVE-2022-29179

CVSS v3.1: 7.5 (High)
Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Cilium versions prior to 1.9.16
Cilium versions prior to 1.10.11
Cilium versions prior to 1.11.5
Description

Cilium is open source software for providing and securing network connectivity and load balancing between application workloads. If an attacker is able to perform a container escape from a container running as root on a host where Cilium is installed, the attacker can escalate privileges to cluster admin by using Cilium's Kubernetes service account. That service account holds cluster privileges more permissive than the minimum Cilium needs to operate, including the ability to modify and delete Pod and Node resources.
Recommendations

For versions prior to 1.9.16, update to version 1.9.16 or later.
For versions prior to 1.10.11, update to version 1.10.11 or later.
For versions prior to 1.11.5, update to version 1.11.5 or later.
As a temporary workaround, consider restricting access to Cilium's Kubernetes service account until a patch is applied.
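The workaround above asks operators to restrict what Cilium's service account may do. The following is an added example, not code from this advisory or from the Cilium project: a small Python audit that walks a ClusterRole (the JSON that `kubectl get clusterrole <name> -o json` returns) and lists every rule granting create/update/patch/delete on Pods or Nodes, the two resource types the advisory names, then renders the equivalent `kubectl auth can-i` checks so the finding can be confirmed against the live API server including its bindings. The ClusterRole embedded below is a constructed sample, not Cilium's real role, and the service account name `kube-system:cilium` is an assumption; compare the output with what your Cilium version actually requires.

```python
"""Audit a Kubernetes ClusterRole for write/delete access to Pods and Nodes.

Hypothetical helper, not part of Cilium. Feed it the JSON from
`kubectl get clusterrole <name> -o json`, or run it on the embedded sample.
"""
import json
import shlex
from typing import Dict, Iterable, List

# Verbs that let a principal change or remove an object.
MUTATING_VERBS = {"create", "update", "patch", "delete", "deletecollection"}

# Core-group resources the advisory calls out as over-privileged.
WATCHED_RESOURCES = {"pods", "nodes"}

# Constructed sample, NOT Cilium's real ClusterRole: one read-only rule, one
# rule that grants far more than reading, one subresource rule, one other group.
SAMPLE_CLUSTERROLE = json.loads("""
{
  "apiVersion": "rbac.authorization.k8s.io/v1",
  "kind": "ClusterRole",
  "metadata": {"name": "example-agent"},
  "rules": [
    {"apiGroups": [""], "resources": ["endpoints", "services"],
     "verbs": ["get", "list", "watch"]},
    {"apiGroups": [""], "resources": ["pods", "nodes"],
     "verbs": ["get", "list", "watch", "patch", "delete"]},
    {"apiGroups": [""], "resources": ["nodes/status"], "verbs": ["patch"]},
    {"apiGroups": ["apps"], "resources": ["deployments"], "verbs": ["*"]}
  ]
}
""")


def _grants(values: Iterable[str], wanted: str) -> bool:
    """True if an RBAC list contains `wanted`, treating '*' as a wildcard."""
    return "*" in values or wanted in values


def find_excessive_rules(clusterrole: Dict, resources=WATCHED_RESOURCES,
                         verbs=MUTATING_VERBS) -> List[Dict]:
    """Return one finding per (resource, verb) pair granted on a watched resource.

    Subresources such as 'nodes/status' are matched on their parent name but
    reported under their full name, since RBAC treats them as distinct.
    """
    findings = []
    for idx, rule in enumerate(clusterrole.get("rules", [])):
        # Pods and Nodes live in the core API group, written as "" in RBAC.
        if not _grants(rule.get("apiGroups", []), ""):
            continue
        for res in rule.get("resources", []):
            parent = res.split("/", 1)[0]
            if res != "*" and parent not in resources:
                continue
            for verb in rule.get("verbs", []):
                if verb == "*" or verb in verbs:
                    findings.append({"rule": idx, "resource": res, "verb": verb})
    return findings


def as_can_i_commands(findings: List[Dict], service_account: str) -> List[str]:
    """Render findings as `kubectl auth can-i` checks impersonating the
    service account (namespace:name), so the effective permission is checked
    by the API server with every binding applied."""
    cmds = []
    for f in findings:
        resource, _, sub = f["resource"].partition("/")
        cmd = f"kubectl auth can-i {shlex.quote(f['verb'])} {shlex.quote(resource)}"
        if sub:
            cmd += f" --subresource={sub}"
        cmd += f" --as=system:serviceaccount:{service_account}"
        cmds.append(cmd)
    return cmds


if __name__ == "__main__":
    hits = find_excessive_rules(SAMPLE_CLUSTERROLE)
    for h in hits:
        print(f"rule {h['rule']}: {h['verb']} on {h['resource']}")
    print()
    # "kube-system:cilium" is an assumed service account name.
    print("\n".join(as_can_i_commands(hits, "kube-system:cilium")))
```

Each reported pair is a candidate for removal from the ClusterRole, or for narrowing to a subresource or a `resourceNames` list, after checking it against the permissions your Cilium release documents as required.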

Exploit

Fix

Weakness Enumeration

Improper Privilege Management

Related Identifiers

BIT-CILIUM-2022-29179
BIT-CILIUM-OPERATOR-2022-29179
BIT-CILIUM-PROXY-2022-29179
BIT-HUBBLE-2022-29179
BIT-HUBBLE-RELAY-2022-29179
BIT-HUBBLE-UI-2022-29179
BIT-HUBBLE-UI-BACKEND-2022-29179
CVE-2022-29179
GHSA-FMRF-GVJP-5J5G
GO-2022-0458

Affected Products

Cilium