QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2026-5367

Back to search

CVE-2026-5367

Published: Apr 24, 2026

Modified: Jun 1, 2026

PUBLISHED

CVSS v3.1

8.6

HIGH

Description

A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the disclosure of sensitive information stored in heap memory, which is then returned to the attacker's virtual machine port.

VendorProductVersions

Red Hat

Fast Datapath for Red Hat Enterprise Linux 10

unaffected
0:25.03.2-100.el10fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 10

unaffected
0:25.09.2-103.el10fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 8

unaffected
0:21.12.0-145.el8fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 8

unaffected
0:23.06.4-30.el8fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:23.06.4-30.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:23.09.6-16.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:24.03.7-82.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:25.03.2-100.el9fdp - < *

Red Hat

Fast Datapath for Red Hat Enterprise Linux 9

unaffected
0:25.09.2-103.el9fdp - < *

Red Hat

Fast Datapath for RHEL 8

All versions

Red Hat

Fast Datapath for RHEL 8

All versions

Red Hat

Fast Datapath for RHEL 8

All versions

Red Hat

Fast Datapath for RHEL 8

All versions

Red Hat

Fast Datapath for RHEL 9

All versions

Red Hat

Fast Datapath for RHEL 9

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Weaknesses (CWE)

CWE-130

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

References

RHSA-2026:11694
vendor-advisory
x_refsource_REDHAT
RHSA-2026:11695
vendor-advisory
x_refsource_REDHAT
RHSA-2026:11696
vendor-advisory
x_refsource_REDHAT
RHSA-2026:11698
vendor-advisory
x_refsource_REDHAT
RHSA-2026:11700
vendor-advisory
x_refsource_REDHAT
RHSA-2026:11701
vendor-advisory
x_refsource_REDHAT
RHSA-2026:11702
vendor-advisory
x_refsource_REDHAT
RHSA-2026:22110
vendor-advisory
x_refsource_REDHAT
RHSA-2026:22111
vendor-advisory
x_refsource_REDHAT
RHBZ#2455863
issue-tracking
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now