Red Hat Security Advisory: ovn25.09 security update
OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups. Security Fix(es): * ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue (CVE-2026-5265) * ovn: OVN: Information disclosure via crafted DHCPv6 packets (CVE-2026-5367) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
AI Analysis
Technical Summary
Red Hat Product Security issued an important security advisory (RHSA-2026:11702) for ovn25.09 in Fast Datapath for Red Hat Enterprise Linux 9, addressing two vulnerabilities: CVE-2026-5265, a heap over-read in ICMP error response generation within OVN, and CVE-2026-5367, an information disclosure vulnerability triggered by crafted DHCPv6 packets. OVN provides virtual network abstraction capabilities complementing Open vSwitch. The advisory includes updated packages for multiple architectures and references Red Hat's official update article for remediation instructions. No CVSS scores are provided, but the severity is rated as high by the source data and important by Red Hat. No exploits in the wild are currently known.
Potential Impact
The heap over-read vulnerability (CVE-2026-5265) could lead to potential memory safety issues during ICMP error response generation, possibly causing crashes or unintended behavior. The information disclosure vulnerability (CVE-2026-5367) could allow an attacker to gain unauthorized access to information via specially crafted DHCPv6 packets. Both issues affect the OVN component used for virtual network abstractions in Red Hat Fast Datapath. The advisory rates the security impact as important/high. There are no reports of active exploitation in the wild at this time.
Mitigation Recommendations
Red Hat has released updated ovn25.09 packages for Fast Datapath on Red Hat Enterprise Linux 9 that address these vulnerabilities. Users should apply these official updates promptly following Red Hat's guidance at https://access.redhat.com/articles/11258. Since this is not a cloud service, remediation requires applying the vendor-provided patches. No alternative mitigations or workarounds are specified in the advisory.
Red Hat Security Advisory: ovn25.09 security update
Description
OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups. Security Fix(es): * ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue (CVE-2026-5265) * ovn: OVN: Information disclosure via crafted DHCPv6 packets (CVE-2026-5367) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Red Hat Product Security issued an important security advisory (RHSA-2026:11702) for ovn25.09 in Fast Datapath for Red Hat Enterprise Linux 9, addressing two vulnerabilities: CVE-2026-5265, a heap over-read in ICMP error response generation within OVN, and CVE-2026-5367, an information disclosure vulnerability triggered by crafted DHCPv6 packets. OVN provides virtual network abstraction capabilities complementing Open vSwitch. The advisory includes updated packages for multiple architectures and references Red Hat's official update article for remediation instructions. No CVSS scores are provided, but the severity is rated as high by the source data and important by Red Hat. No exploits in the wild are currently known.
Potential Impact
The heap over-read vulnerability (CVE-2026-5265) could lead to potential memory safety issues during ICMP error response generation, possibly causing crashes or unintended behavior. The information disclosure vulnerability (CVE-2026-5367) could allow an attacker to gain unauthorized access to information via specially crafted DHCPv6 packets. Both issues affect the OVN component used for virtual network abstractions in Red Hat Fast Datapath. The advisory rates the security impact as important/high. There are no reports of active exploitation in the wild at this time.
Mitigation Recommendations
Red Hat has released updated ovn25.09 packages for Fast Datapath on Red Hat Enterprise Linux 9 that address these vulnerabilities. Users should apply these official updates promptly following Red Hat's guidance at https://access.redhat.com/articles/11258. Since this is not a cloud service, remediation requires applying the vendor-provided patches. No alternative mitigations or workarounds are specified in the advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:11702
- Cve Count
- 2
- Additional Cves
- ["CVE-2026-5367"]
- Cvss Version
- null
Threat ID: 6a19febde29bf47b500fd72f
Added to database: 5/29/2026, 9:01:49 PM
Last enriched: 5/29/2026, 9:06:02 PM
Last updated: 5/31/2026, 5:02:23 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.