Out-of-Bounds Read Vulnerability in Open Virtual Network
CVE-2026-5367

8.6 HIGH

What is CVE-2026-5367?

A flaw in Open Virtual Network (OVN) allows a remote attacker to trigger an out-of-bounds read by sending specially crafted DHCPv6 SOLICIT packets. By inflating the Client ID length, an attacker can cause ovn-controller to read data beyond the allocated boundaries. This out-of-bounds read may expose sensitive information residing in heap memory, which can be retrieved by the attacker's virtual machine, leading to potential data breaches.
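The class of check that prevents this kind of over-read, shown as an added example (not OVN's code or its fix): a DHCPv6 option walker that rejects any option whose declared length exceeds the bytes actually received. The function name and both sample packets are constructed for illustration; the field layout and option code follow RFC 8415.

```c
#include <stddef.h>
#include <stdint.h>

#define DHCPV6_OPT_CLIENTID 1   /* RFC 8415 option code for Client Identifier */
#define DHCPV6_HDR_LEN      4   /* msg-type (1 byte) + transaction-id (3 bytes) */
#define DHCPV6_OPT_HDR_LEN  4   /* option-code (2 bytes) + option-len (2 bytes) */

/* Constructed SOLICIT: Client ID declares 10 bytes and carries 10 bytes. */
const uint8_t sample_ok[] = { 0x01, 0xaa, 0xbb, 0xcc, 0x00, 0x01, 0x00, 0x0a,
    0x00, 0x03, 0x00, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x01 };
/* Constructed SOLICIT: Client ID declares 256 bytes but carries only 10. */
const uint8_t sample_inflated[] = { 0x01, 0xaa, 0xbb, 0xcc, 0x00, 0x01, 0x01, 0x00,
    0x00, 0x03, 0x00, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x01 };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/*
 * Hypothetical helper: locate the Client ID option in a DHCPv6 message of
 * `len` received bytes. Returns the option's data length and sets *duid,
 * or -1 if the message is truncated, an option overruns the buffer, or no
 * Client ID is present.
 */
int dhcpv6_find_client_id(const uint8_t *msg, size_t len, const uint8_t **duid)
{
    if (msg == NULL || duid == NULL || len < DHCPV6_HDR_LEN)
        return -1;
    size_t off = DHCPV6_HDR_LEN;
    while (off < len) {
        if (len - off < DHCPV6_OPT_HDR_LEN)
            return -1;              /* option header itself is truncated */
        uint16_t code = rd16(msg + off);
        uint16_t olen = rd16(msg + off + 2);
        off += DHCPV6_OPT_HDR_LEN;
        if (olen > len - off)
            return -1;              /* declared length exceeds received data */
        if (code == DHCPV6_OPT_CLIENTID) {
            *duid = msg + off;      /* safe: olen bytes lie inside msg */
            return (int)olen;
        }
        off += olen;                /* skip to the next option */
    }
    return -1;
}
```

A caller that copies the Client ID into a reply should use only the returned length, never the raw option-len field from the packet.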

Affected Version(s)

Fast Datapath for Red Hat Enterprise Linux 8 0:21.12.0-145.el8fdp

Fast Datapath for Red Hat Enterprise Linux 8 0:23.06.4-30.el8fdp

Fast Datapath for Red Hat Enterprise Linux 9 0:23.06.4-30.el9fdp

CVSS V3.1

Score: 8.6
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
