CVE-2026-25804

Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to versions 2.3.2 and 2.4.3, Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug that causes incorrect OpenFlow priority calculations when handling a large numbers of policies with various priority values. This results in potentially incorrect traffic enforcement. This issue has been patched in versions 2.4.3.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/antrea-io/antrea/commit/86c4b6010f3be536866f339b632621c23d7186fa	Patch
https://github.com/antrea-io/antrea/pull/7496	Issue Tracking Patch
https://github.com/antrea-io/antrea/security/advisories/GHSA-86x4-wp9f-wrr9	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:linuxfoundation:antrea::::::kubernetes::*
	cpe:2.3:a:linuxfoundation:antrea::::::kubernetes::*

History

No history.

Information

Published : 2026-02-06 23:15

Updated : 2026-02-28 00:30

NVD link : CVE-2026-25804

Mitre link : CVE-2026-25804

CVE.ORG link : CVE-2026-25804

JSON object : View

Products Affected

linuxfoundation

antrea

CWE

CWE-287

Improper Authentication

CWE-770

Allocation of Resources Without Limits or Throttling

{"id": "CVE-2026-25804", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.0, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "UNREPORTED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-02-06T23:15:55.123", "references": [{"url": "https://github.com/antrea-io/antrea/commit/86c4b6010f3be536866f339b632621c23d7186fa", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/antrea-io/antrea/pull/7496", "tags": ["Issue Tracking", "Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/antrea-io/antrea/security/advisories/GHSA-86x4-wp9f-wrr9", "tags": ["Patch", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to versions 2.3.2 and 2.4.3, Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug that causes incorrect OpenFlow priority calculations when handling a large numbers of policies with various priority values. This results in potentially incorrect traffic enforcement. This issue has been patched in versions 2.4.3."}, {"lang": "es", "value": "Antrea es una soluci\u00f3n de red de Kubernetes dise\u00f1ada para ser nativa de Kubernetes. Antes de las versiones 2.3.2 y 2.4.3, el sistema de asignaci\u00f3n de prioridad de pol\u00edticas de red de Antrea tiene un error de desbordamiento aritm\u00e9tico uint16 que causa c\u00e1lculos incorrectos de prioridad de OpenFlow al manejar un gran n\u00famero de pol\u00edticas con varios valores de prioridad. Esto resulta en una aplicaci\u00f3n de tr\u00e1fico potencialmente incorrecta. Este problema ha sido parcheado en la versi\u00f3n 2.4.3."}], "lastModified": "2026-02-28T00:30:06.540", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:linuxfoundation:antrea:*:*:*:*:*:kubernetes:*:*", "vulnerable": true, "matchCriteriaId": "395EA656-873E-492A-88A3-D6813376D968", "versionEndExcluding": "2.3.2"}, {"criteria": "cpe:2.3:a:linuxfoundation:antrea:*:*:*:*:*:kubernetes:*:*", "vulnerable": true, "matchCriteriaId": "7DB4CD72-9C1A-47E2-BB11-16F803BAE15A", "versionEndExcluding": "2.4.3", "versionStartIncluding": "2.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}