CVE-2025-0650
Severity CVSS v4.0:
Pending analysis
Type:
CWE-284
Improper Access Control
Publication date:
23/01/2025
Last modified:
06/02/2025
Description
A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.
Impact
Base Score 3.x
8.10
Severity 3.x
HIGH
References to Advisories, Solutions, and Tools
- https://access.redhat.com/errata/RHSA-2025:1083
- https://access.redhat.com/errata/RHSA-2025:1084
- https://access.redhat.com/errata/RHSA-2025:1085
- https://access.redhat.com/errata/RHSA-2025:1086
- https://access.redhat.com/errata/RHSA-2025:1087
- https://access.redhat.com/errata/RHSA-2025:1088
- https://access.redhat.com/errata/RHSA-2025:1089
- https://access.redhat.com/errata/RHSA-2025:1090
- https://access.redhat.com/errata/RHSA-2025:1091
- https://access.redhat.com/errata/RHSA-2025:1092
- https://access.redhat.com/errata/RHSA-2025:1093
- https://access.redhat.com/errata/RHSA-2025:1094
- https://access.redhat.com/errata/RHSA-2025:1095
- https://access.redhat.com/errata/RHSA-2025:1096
- https://access.redhat.com/errata/RHSA-2025:1097
- https://access.redhat.com/security/cve/CVE-2025-0650
- https://bugzilla.redhat.com/show_bug.cgi?id=2339537
- https://www.openwall.com/lists/oss-security/2025/01/22/5
- http://www.openwall.com/lists/oss-security/2025/01/22/11