CVE-2025-0650

{"id": "CVE-2025-0650", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2025-01-23T17:15:22.163", "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:1083", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1084", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1085", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1086", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1087", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1088", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1089", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1090", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1091", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1092", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1093", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1094", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1095", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1096", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:1097", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-0650", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339537", "source": "secalert@redhat.com"}, {"url": "https://www.openwall.com/lists/oss-security/2025/01/22/5", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2025/01/22/11", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en Open Virtual Network (OVN). Los paquetes UDP manipulados en particular pueden eludir las listas de control de acceso (ACL) de salida en instalaciones OVN configuradas con un conmutador l\u00f3gico con registros DNS configurados en \u00e9l y si el mismo conmutador tiene alguna ACL de salida configurada. Este problema puede provocar acceso no autorizado a m\u00e1quinas virtuales y contenedores que se ejecutan en la red OVN."}], "lastModified": "2025-02-06T09:15:11.697", "sourceIdentifier": "secalert@redhat.com"}