CVE-2025-0650 - Vulnerability Details

A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.01021.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Redhat	Enterprise Linux Openshift

No data.

Package	CPE	Advisory	Released Date
Fast Datapath for Red Hat Enterprise Linux 8
ovn22.03-0:22.03.7-11.el8fdp	cpe:/o:redhat:enterprise_linux:8::fastdatapath	RHSA-2025:1083	2025-02-05T00:00:00Z
ovn22.06-0:22.06.0-273.el8fdp	cpe:/o:redhat:enterprise_linux:8::fastdatapath	RHSA-2025:1084	2025-02-05T00:00:00Z
ovn22.09-0:22.09.2-86.el8fdp	cpe:/o:redhat:enterprise_linux:8::fastdatapath	RHSA-2025:1085	2025-02-05T00:00:00Z
ovn22.12-0:22.12.1-107.el8fdp	cpe:/o:redhat:enterprise_linux:8::fastdatapath	RHSA-2025:1086	2025-02-05T00:00:00Z
ovn23.03-0:23.03.3-22.el8fdp	cpe:/o:redhat:enterprise_linux:8::fastdatapath	RHSA-2025:1087	2025-02-05T00:00:00Z
ovn23.06-0:23.06.4-26.el8fdp	cpe:/o:redhat:enterprise_linux:8::fastdatapath	RHSA-2025:1088	2025-02-05T00:00:00Z
Fast Datapath for Red Hat Enterprise Linux 9
ovn22.03-0:22.03.7-11.el9fdp	cpe:/o:redhat:enterprise_linux:9::fastdatapath	RHSA-2025:1089	2025-02-05T00:00:00Z
ovn22.06-0:22.06.0-273.el9fdp	cpe:/o:redhat:enterprise_linux:9::fastdatapath	RHSA-2025:1090	2025-02-05T00:00:00Z
ovn22.09-0:22.09.2-86.el9fdp	cpe:/o:redhat:enterprise_linux:9::fastdatapath	RHSA-2025:1091	2025-02-05T00:00:00Z
ovn22.12-0:22.12.1-107.el9fdp	cpe:/o:redhat:enterprise_linux:9::fastdatapath	RHSA-2025:1092	2025-02-05T00:00:00Z
ovn23.03-0:23.03.3-22.el9fdp	cpe:/o:redhat:enterprise_linux:9::fastdatapath	RHSA-2025:1093	2025-02-05T00:00:00Z
ovn23.06-0:23.06.4-26.el9fdp	cpe:/o:redhat:enterprise_linux:9::fastdatapath	RHSA-2025:1094	2025-02-05T00:00:00Z
ovn23.09-0:23.09.6-12.el9fdp	cpe:/o:redhat:enterprise_linux:9::fastdatapath	RHSA-2025:1095	2025-02-05T00:00:00Z
ovn24.03-0:24.03.4-53.el9fdp	cpe:/o:redhat:enterprise_linux:9::fastdatapath	RHSA-2025:1096	2025-02-05T00:00:00Z
ovn24.09-0:24.09.1-66.el9fdp	cpe:/o:redhat:enterprise_linux:9::fastdatapath	RHSA-2025:1097	2025-02-05T00:00:00Z

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2025-1804	A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.
Ubuntu USN	USN-7396-1	OVN vulnerability

Fixes

Solution

No solution given by the vendor.

Workaround

Red Hat Product Security has not identified any mitigations at this time. We recommend updating to a known patched version of OVN.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2025/01/22/11
https://access.redhat.com/errata/RHSA-2025:1083
https://access.redhat.com/errata/RHSA-2025:1084
https://access.redhat.com/errata/RHSA-2025:1085
https://access.redhat.com/errata/RHSA-2025:1086
https://access.redhat.com/errata/RHSA-2025:1087
https://access.redhat.com/errata/RHSA-2025:1088
https://access.redhat.com/errata/RHSA-2025:1089
https://access.redhat.com/errata/RHSA-2025:1090
https://access.redhat.com/errata/RHSA-2025:1091
https://access.redhat.com/errata/RHSA-2025:1092
https://access.redhat.com/errata/RHSA-2025:1093
https://access.redhat.com/errata/RHSA-2025:1094
https://access.redhat.com/errata/RHSA-2025:1095
https://access.redhat.com/errata/RHSA-2025:1096
https://access.redhat.com/errata/RHSA-2025:1097
https://access.redhat.com/security/cve/CVE-2025-0650
https://bugzilla.redhat.com/show_bug.cgi?id=2339537
https://nvd.nist.gov/vuln/detail/CVE-2025-0650
https://www.cve.org/CVERecord?id=CVE-2025-0650
https://www.openwall.com/lists/oss-security/2025/01/22/5

History

Thu, 13 Feb 2025 01:00:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2025-0650 https://www.cve.org/CVERecord?id=CVE-2025-0650
Metrics	threat_severity `None`	threat_severity `Important`

Wed, 12 Feb 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 06 Feb 2025 09:15:00 +0000

Type	Values Removed	Values Added
References		https://access.redhat.com/errata/RHSA-2025:1083 https://access.redhat.com/errata/RHSA-2025:1084 https://access.redhat.com/errata/RHSA-2025:1085 https://access.redhat.com/errata/RHSA-2025:1086 https://access.redhat.com/errata/RHSA-2025:1087 https://access.redhat.com/errata/RHSA-2025:1088 https://access.redhat.com/errata/RHSA-2025:1089 https://access.redhat.com/errata/RHSA-2025:1090 https://access.redhat.com/errata/RHSA-2025:1091 https://access.redhat.com/errata/RHSA-2025:1092 https://access.redhat.com/errata/RHSA-2025:1093 https://access.redhat.com/errata/RHSA-2025:1094 https://access.redhat.com/errata/RHSA-2025:1095 https://access.redhat.com/errata/RHSA-2025:1096 https://access.redhat.com/errata/RHSA-2025:1097

Tue, 28 Jan 2025 20:00:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:7::fastdatapath~~

Thu, 23 Jan 2025 18:45:00 +0000

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2025/01/22/11

Thu, 23 Jan 2025 16:45:00 +0000

Type	Values Removed	Values Added
Description		A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.
Title		Ovn: egress acls may be bypassed via specially crafted udp packet
First Time appeared		Redhat Redhat enterprise Linux Redhat openshift
Weaknesses		CWE-284
CPEs		cpe:/a:redhat:openshift:4 cpe:/o:redhat:enterprise_linux:7::fastdatapath cpe:/o:redhat:enterprise_linux:8::fastdatapath cpe:/o:redhat:enterprise_linux:9::fastdatapath
Vendors & Products		Redhat Redhat enterprise Linux Redhat openshift
References		https://access.redhat.com/security/cve/CVE-2025-0650 https://bugzilla.redhat.com/show_bug.cgi?id=2339537 https://www.openwall.com/lists/oss-security/2025/01/22/5
Metrics		cvssV3_1 `{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2025-01-23T16:34:31.390Z

Updated: 2025-08-27T13:33:48.339Z

Reserved: 2025-01-22T15:37:30.389Z

Link: CVE-2025-0650

Vulnrichment

Updated: 2025-01-23T18:03:31.666Z

NVD

Status : Awaiting Analysis

Published: 2025-01-23T17:15:22.163

Modified: 2025-02-06T09:15:11.697

Link: CVE-2025-0650

Redhat

Severity : Important

Publid Date: 2024-01-21T00:00:00Z

Links: CVE-2025-0650 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object