Introduction: In this post, we will be discussing a recent Cilium vulnerability that allows egress traffic from workloads to bypass network policies, thereby compromising workload isolation between namespaces. This issue affects Cilium v1.15. to v1.15.14, v1.16. to v1.16.7, and v1.17. to v1.17.1. We will explore the details of the vulnerability, provide steps to reproduce the issue, and discuss solutions and workarounds to prevent it.
Vulnerability Details: For users of Cilium who use the Gateway API for Ingress in their Kubernetes clusters, services using LoadBalancer resources deployed via a Gateway API configuration may be affected by this issue. When using Cilium's eBPF-based dataplane with network policies that block egress traffic from workloads in a namespace to other workloads in different namespaces, egress traffic from workloads covered by such network policies to LoadBalancers configured by Gateway resources will be incorrectly allowed.
To make this clearer, let's take a look at some code snippets to understand how the vulnerability works:
```yaml
# Sample Gateway configuration
# Note: this sample uses the original networking.x-k8s.io/v1alpha1 Gateway API
# schema (routes attached under the listener); current Gateway API releases use
# the gateway.networking.k8s.io group, where HTTPRoute objects reference the
# Gateway via parentRefs instead.
apiVersion: networking.x-k8s.io/v1alpha1
kind: Gateway
metadata:
  name: my-gateway
spec:
  gatewayClassName: someclass
  listeners:
  - protocol: HTTP
    port: 80
    routes:
      kind: HTTPRoute
      selector:
        matchLabels:
          app: myapp
      namespaces:
        from: SameNamespace
  ...
```
```yaml
# Sample Network Policy that blocks egress
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: deny-egress
spec:
  podSelector: {}       # selects every pod in the policy's namespace
  policyTypes:
  - Egress
  egress: []            # empty egress policy block implies denying all egress
```
In this scenario, the Gateway resource configures a LoadBalancer for the services labeled with app: myapp. The NetworkPolicy is supposed to block all egress traffic from the workloads that it selects. However, due to the described vulnerability, egress traffic from these workloads to LoadBalancers configured by the Gateway resource would incorrectly be allowed.
Fix: v1.17.2
For users who are unable to upgrade to these versions, a workaround using a CiliumClusterwideNetworkPolicy can be applied. Here is an example of such a policy:
```yaml
apiVersion: cilium.io/v2
kind: CiliumClusterwideNetworkPolicy
metadata:
  name: deny-cve-2025-30162-workaround
spec:
  endpointSelector: {}     # Selects all endpoints
  # ingress/egress sit directly under spec; the CiliumNetworkPolicy schema has
  # no "rules" field, so a policy nesting them under one would be rejected.
  ingress:
  - fromEndpoints: []      # Deny all ingress traffic
  egress:
  - toEndpoints: []        # Deny all egress traffic
```
This policy puts every endpoint in the cluster into default-deny for both ingress and egress, so egress from the restricted workloads to LoadBalancers configured by Gateway API is no longer able to bypass network policy.
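To tell whether a cluster still needs the upgrade or the workaround, the following added check (not Cilium's own tooling) reads the cilium DaemonSet image tag and compares it against the affected ranges listed above; it assumes the DaemonSet is named cilium in kube-system and that its first container carries the agent image.

```shell
#!/bin/sh
# Checks a Cilium image reference against the affected version ranges from
# this post: v1.15.x up to v1.15.14, v1.16.x up to v1.16.7, v1.17.x up to v1.17.1.

# Extract MAJOR.MINOR.PATCH from an image reference such as
# quay.io/cilium/cilium:v1.16.5@sha256:... (leading "v" and digest dropped).
# Pre-release suffixes are ignored, so treat "-rc" tags as their base version.
cilium_version_from_image() {
    printf '%s\n' "$1" |
        sed -n 's/^.*:v\{0,1\}\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*$/\1/p'
}

# Returns 0 (true) when MAJOR.MINOR.PATCH is in an affected range, 1 otherwise.
cilium_version_affected() {
    ver=$1
    case "$ver" in *[!0-9.]*|'') return 1 ;; esac   # reject malformed input
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    [ "$major" = 1 ] || return 1
    case "$minor" in
        15) [ "$patch" -le 14 ] ;;
        16) [ "$patch" -le 7 ] ;;
        17) [ "$patch" -le 1 ] ;;
        *)  return 1 ;;
    esac
}

# Live check against the running cluster (assumes DaemonSet "cilium" in
# kube-system with the agent as its first container).
check_cluster() {
    image=$(kubectl -n kube-system get daemonset cilium \
        -o jsonpath='{.spec.template.spec.containers[0].image}') || return 2
    ver=$(cilium_version_from_image "$image")
    if cilium_version_affected "$ver"; then
        echo "Cilium $ver ($image): in an affected range; upgrade or apply the workaround"
    else
        echo "Cilium $ver ($image): not in an affected range"
    fi
}

# Only touch the cluster when explicitly asked and kubectl is available.
if [ "${1:-}" = "--cluster" ] && command -v kubectl >/dev/null 2>&1; then
    check_cluster
fi
```

Run it as `sh check-cilium.sh --cluster` against a kubeconfig context; a cluster with Cilium on the workaround path should still be re-checked after the upgrade.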
Original references
- Cilium Github Issue
- Cilium eBPF-based Dataplane
- Gateway API
Conclusion: The vulnerability discussed in this post highlights the importance of keeping software up-to-date and monitoring security advisories for the tools we use. By understanding the vulnerability, applying the appropriate fixes or workarounds, and staying vigilant, users of Cilium can continue to enjoy its features while maintaining a secure environment.
Timeline
Published on: 03/24/2025 19:15:52 UTC
Last modified on: 03/27/2025 16:45:46 UTC