Description

A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.

Classification

CVE ID: CVE-2025-0650

Affected Products

Vendor: Red Hat

Product: Fast Datapath for RHEL 7

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 19.56% (scored less or equal to compared to others)

EPSS Date: 2025-02-21 (when was this score calculated)

References

https://access.redhat.com/security/cve/CVE-2025-0650
https://bugzilla.redhat.com/show_bug.cgi?id=2339537
https://www.openwall.com/lists/oss-security/2025/01/22/5

Timeline