216.73.216.197

CVE-2026-25804

· Published 06/02/2026 23:15 · Modified 06/02/2026 23:15

Labels: CVE-2026-25804 2026-02-06CVE-2026-25804CWE-287[email protected]

Essential information

Published
06/02/2026 23:15
Modified
06/02/2026 23:15
Author
Creator
CVSS
8.0 HIGH (v3) 8.0 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to versions 2.3.2 and 2.4.3, Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug that causes incorrect OpenFlow priority calculations when handling a large numbers of policies with various priority values. This results in potentially incorrect traffic enforcement. This issue has been patched in versions 2.4.3.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
antrea / antrea cpe:2.3:a:antrea:antrea:<2.3.2:*:*:*:*:*:*:*
antrea / antrea cpe:2.3:a:antrea:antrea:2.4.0-2.4.2:*:*:*:*:*:*:*
antrea / antrea cpe:2.3:a:antrea:antrea:2.4.3:*:*:*:*:*:*:*

References