QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-0650

Back to search

CVE-2025-0650

Published: Jan 23, 2025

Modified: Nov 20, 2025

PUBLISHED

CVSS v3.1

8.1

HIGH

Description

A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.

VendorProductVersions

Unknown

ovn

unaffected
22.03.8
unaffected
24.03.5
unaffected
24.09.2

Red Hat

Fast Datapath for Red Hat Enterprise Linux 8

unaffected
0:22.03.7-11.el8fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 8

unaffected
0:22.06.0-273.el8fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 8

unaffected
0:22.09.2-86.el8fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 8

unaffected
0:22.12.1-107.el8fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 8

unaffected
0:23.03.3-22.el8fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 8

unaffected
0:23.06.4-26.el8fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:22.03.7-11.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:22.06.0-273.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:22.09.2-86.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:22.12.1-107.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:23.03.3-22.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:23.06.4-26.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:23.09.6-12.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:24.03.4-53.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:24.09.1-66.el9fdp - < *

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Weaknesses (CWE)

CWE-284

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

RHSA-2025:1083
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1084
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1085
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1086
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1087
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1088
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1089
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1090
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1091
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1092
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1093
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1094
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1095
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1096
vendor-advisory
x_refsource_REDHAT
RHSA-2025:1097
vendor-advisory
x_refsource_REDHAT
RHBZ#2339537
issue-tracking
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now