VDB
DEBIAN-CVE-2025-0650
DEBIAN-CVE-2025-0650
PUBLISHED
CVSS 8.100000381469727 HIGH
A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | ovn | 26.03.0, 26.03.0-2, 26.03.0 |
| Debian:13 | ovn | 0, 0 |
| Debian:14 | ovn | 0, 0 |
Timeline
- Jan 23, 2025 CVE Published
- Apr 28, 2026 CVE Updated