8.6

CVE-2026-5367

Ovn: ovn: information disclosure via crafted dhcpv6 packets

A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the disclosure of sensitive information stored in heap memory, which is then returned to the attacker's virtual machine port.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
HerstellerRed Hat
Produkt Fast Datapath for Red Hat Enterprise Linux 10
Default Statusaffected
HerstellerRed Hat
Produkt Fast Datapath for Red Hat Enterprise Linux 8
Default Statusaffected
HerstellerRed Hat
Produkt Fast Datapath for Red Hat Enterprise Linux 9
Default Statusaffected
HerstellerRed Hat
Produkt Fast Datapath for RHEL 8
Default Statusaffected
HerstellerRed Hat
Produkt Fast Datapath for RHEL 9
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat OpenShift Container Platform 4
Default Statusaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.87% 0.54
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secalert@redhat.com 8.6 3.9 4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 8.6 3.9 4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CWE-130 Improper Handling of Length Parameter Inconsistency

The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

https://access.redhat.com/security/cve/CVE-2026-5367
https://bugzilla.redhat.com/show_bug.cgi?id=2455863
http://www.openwall.com/lists/oss-security/2026/04/20/3
http://www.openwall.com/lists/oss-security/2026/04/20/5
https://access.redhat.com/errata/RHSA-2026:11694
https://access.redhat.com/errata/RHSA-2026:11696
https://access.redhat.com/errata/RHSA-2026:11702
https://access.redhat.com/errata/RHSA-2026:11695
https://access.redhat.com/errata/RHSA-2026:11698
https://access.redhat.com/errata/RHSA-2026:11700
https://access.redhat.com/errata/RHSA-2026:11701
https://access.redhat.com/errata/RHSA-2026:22110
https://access.redhat.com/errata/RHSA-2026:22111
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5367.json