14 matches found
ovn: OVN: Information disclosure via crafted DHCPv6 packets
A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...
RHEL 9 : ovn23.06 (RHSA-2026:11696)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11696 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...
USN-7396-1: OVN vulnerability
Marius Berntsberg, Trygve Vea, Tore Anderson, Rodolfo Alonso, Jay Faulkner, and Brian Haley discovered that OVN incorrectly handled certain crafted UDP packets. A remote attacker could possibly use this issue to bypass egress ACL rules...
RHEL 8 : ovn22.06 (RHSA-2025:1084)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1084 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native...
RHEL 8 : ovn23.06 (RHSA-2025:1088)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1088 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native...
RHEL 8 : ovn22.03 (RHSA-2025:1083)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1083 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native...
RHEL 8 : ovn22.12 (RHSA-2025:1086)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1086 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native...
RHEL 8 : ovn22.09 (RHSA-2025:1085)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1085 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native...
RHEL 9 : ovn24.09 (RHSA-2025:1097)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1097 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native...
RHEL 9 : ovn23.06 (RHSA-2025:1094)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1094 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native...
Fedora 40 : ovn (2025-721a8bada2)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-721a8bada2 advisory. Update the OVN sources to upstream release v24.09.2. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...
CVE-2025-0650 Ovn: egress acls may be bypassed via specially crafted udp packet
A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...
CVE-2025-0650
OVN/Open vSwitch vulnerability CVE-2025-0650 enables bypass of egress ACLs via specially crafted UDP packets on a logical switch with DNS records and existing egress ACLs, potentially allowing unauthorized access to VMs/containers. Public advisories (SUSE/SUSE-SU-2026:0280-1 and 0290-1) recommend...
RHEL 9 : ovn22.12 (RHSA-2024:1392)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1392 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native...