CVE-2025-0650

high

Description

A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.

References

https://www.openwall.com/lists/oss-security/2025/01/22/5

https://bugzilla.redhat.com/show_bug.cgi?id=2339537

https://access.redhat.com/security/cve/CVE-2025-0650

https://access.redhat.com/errata/RHSA-2025:1097

https://access.redhat.com/errata/RHSA-2025:1096

https://access.redhat.com/errata/RHSA-2025:1095

https://access.redhat.com/errata/RHSA-2025:1094

https://access.redhat.com/errata/RHSA-2025:1093

https://access.redhat.com/errata/RHSA-2025:1092

https://access.redhat.com/errata/RHSA-2025:1091

https://access.redhat.com/errata/RHSA-2025:1090

https://access.redhat.com/errata/RHSA-2025:1089

https://access.redhat.com/errata/RHSA-2025:1088

https://access.redhat.com/errata/RHSA-2025:1087

https://access.redhat.com/errata/RHSA-2025:1086

https://access.redhat.com/errata/RHSA-2025:1085

https://access.redhat.com/errata/RHSA-2025:1084

https://access.redhat.com/errata/RHSA-2025:1083

http://www.openwall.com/lists/oss-security/2025/01/22/11

Details

Source: Mitre, NVD

Published: 2025-01-23

Updated: 2025-02-06

Risk Information

CVSS v2

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High