CVE-2025-0650
HIGHOpen Virtual Network - Crafted UDP Packet Egress ACL Bypass
Title source: manualDescription
A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.
References (19)
Core 19
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1083
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1084
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1085
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1086
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1087
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1088
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1089
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1090
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1091
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1092
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1093
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1094
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1095
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1096
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:1097
Vendor Advisory vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2025-0650
Issue Tracking issue-tracking
x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2339537
Scores
CVSS v3
8.1
EPSS
0.0013
EPSS Percentile
32.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-284
Status
published
Products (16)
Red Hat/Fast Datapath for Red Hat Enterprise Linux 8
0:22.03.7-11.el8fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 8
0:22.06.0-273.el8fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 8
0:22.09.2-86.el8fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 8
0:22.12.1-107.el8fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 8
0:23.03.3-22.el8fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 8
0:23.06.4-26.el8fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 9
0:22.03.7-11.el9fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 9
0:22.06.0-273.el9fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 9
0:22.09.2-86.el9fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 9
0:22.12.1-107.el9fdp
... and 6 more
Published
Jan 23, 2025
Tracked Since
Feb 18, 2026