CVE-2025-0650

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-0650
A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.

8.1 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2025:1083
https://access.redhat.com/errata/RHSA-2025:1084
https://access.redhat.com/errata/RHSA-2025:1085
https://access.redhat.com/errata/RHSA-2025:1086
https://access.redhat.com/errata/RHSA-2025:1087
https://access.redhat.com/errata/RHSA-2025:1088
https://access.redhat.com/errata/RHSA-2025:1089
https://access.redhat.com/errata/RHSA-2025:1090
https://access.redhat.com/errata/RHSA-2025:1091
https://access.redhat.com/errata/RHSA-2025:1092
https://access.redhat.com/errata/RHSA-2025:1093
https://access.redhat.com/errata/RHSA-2025:1094
https://access.redhat.com/errata/RHSA-2025:1095
https://access.redhat.com/errata/RHSA-2025:1096
https://access.redhat.com/errata/RHSA-2025:1097
https://access.redhat.com/security/cve/CVE-2025-0650
https://bugzilla.redhat.com/show_bug.cgi?id=2339537
https://www.openwall.com/lists/oss-security/2025/01/22/5
http://www.openwall.com/lists/oss-security/2025/01/22/11
Configurations

No configuration.

History

No history.

Information

Published : 2025-01-23 17:15

Updated : 2025-02-06 09:15

NVD link : CVE-2025-0650

Mitre link : CVE-2025-0650

CVE.ORG link : CVE-2025-0650

JSON object : View

Products Affected

No product.

CWE
CWE-284

Improper Access Control