The vulnerability CVE-2026-5367 affects OVN, a component of Red Hat Fast Datapath for RHEL 10, where crafted DHCPv6 SOLICIT packets with an inflated Client ID length cause the ovn-controller to read beyond packet bounds. This out-of-bounds read leads to information disclosure of sensitive heap memory data to an attacker’s virtual machine port. The issue is rated with a CVSS 3.1 base score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N), indicating remote network attack with low complexity, no privileges or user interaction required, and a significant confidentiality impact. Red Hat has issued official security advisories and patches for affected ovn packages in Red Hat Enterprise Linux Fast Datapath 8, covering multiple architectures. The advisories provide updated ovn-2021 and ovn23.06 packages that fix this vulnerability. No exploits are currently known in the wild.

Successful exploitation of this vulnerability allows a remote attacker to cause an out-of-bounds read in the ovn-controller, resulting in disclosure of sensitive information stored in heap memory. This compromises confidentiality but does not affect integrity or availability. The vulnerability can be triggered remotely over the network without authentication or user interaction. The CVSS score of 8.6 reflects a high severity impact primarily due to information disclosure.

Red Hat has released official security updates for ovn-2021 and ovn23.06 packages addressing CVE-2026-5367. Users of Red Hat Enterprise Linux Fast Datapath 8 should apply these updates promptly by following the guidance in Red Hat advisory RHSA-2026:11694 and RHSA-2026:11695 and the update instructions at https://access.redhat.com/articles/11258. Applying these patches mitigates the vulnerability. There are no indications that additional mitigations are required beyond installing the vendor-provided fixes.