Red Hat Security Advisory: ovn23.06 security update
OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups. Security Fix(es): * ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue (CVE-2026-5265) * ovn: OVN: Information disclosure via crafted DHCPv6 packets (CVE-2026-5367) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
AI Analysis
Technical Summary
OVN, a system supporting virtual network abstraction and complementing Open vSwitch capabilities, has two security issues fixed in the ovn23.06 update for Red Hat Enterprise Linux Fast Datapath 8. CVE-2026-5265 is a heap over-read vulnerability occurring during ICMP error response generation, classified under CWE-130. CVE-2026-5367 involves information disclosure via crafted DHCPv6 packets. Red Hat has issued updated ovn23.06 packages for multiple architectures and platforms to remediate these vulnerabilities. The advisory references Red Hat Security Advisory RHSA-2026:11695 and provides links to detailed update instructions and package downloads.
Potential Impact
The heap over-read vulnerability (CVE-2026-5265) could potentially lead to memory disclosure or application instability during ICMP error response processing. The information disclosure vulnerability (CVE-2026-5367) allows an attacker to obtain sensitive information by sending crafted DHCPv6 packets to the affected OVN components. Both vulnerabilities impact the security of virtual network abstractions in Red Hat Enterprise Linux Fast Datapath 8. Red Hat rates the overall security impact as Important (high severity). There are no reports of active exploitation in the wild.
Mitigation Recommendations
Red Hat has released updated ovn23.06 packages that address these vulnerabilities. Users of Red Hat Enterprise Linux Fast Datapath 8 should apply the security update as described in Red Hat Advisory RHSA-2026:11695 and the referenced update article (https://access.redhat.com/articles/11258). Applying these official patches will remediate the heap over-read and information disclosure issues. No additional mitigation steps are indicated by the vendor advisory.
Red Hat Security Advisory: ovn23.06 security update
Description
OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups. Security Fix(es): * ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue (CVE-2026-5265) * ovn: OVN: Information disclosure via crafted DHCPv6 packets (CVE-2026-5367) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
OVN, a system supporting virtual network abstraction and complementing Open vSwitch capabilities, has two security issues fixed in the ovn23.06 update for Red Hat Enterprise Linux Fast Datapath 8. CVE-2026-5265 is a heap over-read vulnerability occurring during ICMP error response generation, classified under CWE-130. CVE-2026-5367 involves information disclosure via crafted DHCPv6 packets. Red Hat has issued updated ovn23.06 packages for multiple architectures and platforms to remediate these vulnerabilities. The advisory references Red Hat Security Advisory RHSA-2026:11695 and provides links to detailed update instructions and package downloads.
Potential Impact
The heap over-read vulnerability (CVE-2026-5265) could potentially lead to memory disclosure or application instability during ICMP error response processing. The information disclosure vulnerability (CVE-2026-5367) allows an attacker to obtain sensitive information by sending crafted DHCPv6 packets to the affected OVN components. Both vulnerabilities impact the security of virtual network abstractions in Red Hat Enterprise Linux Fast Datapath 8. Red Hat rates the overall security impact as Important (high severity). There are no reports of active exploitation in the wild.
Mitigation Recommendations
Red Hat has released updated ovn23.06 packages that address these vulnerabilities. Users of Red Hat Enterprise Linux Fast Datapath 8 should apply the security update as described in Red Hat Advisory RHSA-2026:11695 and the referenced update article (https://access.redhat.com/articles/11258). Applying these official patches will remediate the heap over-read and information disclosure issues. No additional mitigation steps are indicated by the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:11695
- Cve Count
- 2
- Additional Cves
- ["CVE-2026-5367"]
- Cvss Version
- null
Threat ID: 6a19febde29bf47b500fd764
Added to database: 5/29/2026, 9:01:49 PM
Last enriched: 5/29/2026, 9:06:40 PM
Last updated: 5/31/2026, 5:00:50 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.