Skip to main content

OVN (Open Virtual Network) CVE-2026-5265

| EUVDEUVD-2026-25420 MEDIUM
Improper Handling of Length Parameter Inconsistency (CWE-130)
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
6.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High

Lifecycle Timeline

6
Patch released
Apr 29, 2026 - 02:30 nvd
Patch available
Analysis Generated
Apr 24, 2026 - 15:15 vuln.today
CVSS changed
Apr 24, 2026 - 13:22 NVD
6.5 (MEDIUM)
EUVD ID Assigned
Apr 24, 2026 - 12:21 euvd
EUVD-2026-25420
Analysis Generated
Apr 24, 2026 - 12:21 vuln.today
CVE Published
Apr 24, 2026 - 12:21 nvd
MEDIUM 6.5

Description PRE-NVD

Disclosed via oss-security. NVD scoring and full description are pending.

AnalysisAI

Heap over-read in OVN's ICMP error response generation allows remote attackers to leak sensitive memory contents, causing information disclosure and potential denial of service. The vulnerability affects OVN versions prior to the 2026 security update, exploitable over the network without authentication or user interaction via crafted ICMP packets. No public exploit code has been identified, but the attack vector is network-accessible with high complexity requirements.

Technical ContextAI

OVN is an open-source virtual networking platform that processes network packets including ICMP error responses. The vulnerability stems from improper bounds checking (CWE-130: Improper Handling of Length Parameters) in the ICMP error response generation logic, allowing an attacker-controlled read operation to access memory beyond the intended buffer boundaries. This heap over-read condition occurs when OVN constructs ICMP error messages in response to network traffic, potentially exposing heap-allocated data structures containing sensitive information.

Affected ProductsAI

OVN (Open Virtual Network) versions prior to the 2026 security release are affected. Based on oss-security mailing list disclosure on 2026/04/20, the vulnerability impacts unpatched OVN installations. Red Hat references (bugzilla.redhat.com/show_bug.cgi?id=2453458 and access.redhat.com/security/cve/CVE-2026-5265) indicate this affects Red Hat OpenStack Platform deployments using OVN. Exact affected version ranges were not provided in available data; refer to the Red Hat security advisory for definitive version information.

RemediationAI

Update to the patched OVN version released on or after 2026/04/20 as detailed in the Red Hat security advisory (access.redhat.com/security/cve/CVE-2026-5265). For Red Hat OpenStack Platform users, apply the corresponding security update via Red Hat's errata system. Interim mitigations include restricting network access to OVN control plane interfaces at the firewall level to limit exposure to untrusted ICMP traffic, or isolating OVN deployments from untrusted network segments until patching is complete. Note that the high-complexity requirement may limit real-world exploitability in production networks with typical segmentation, but patching remains the definitive remediation.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Micro 5.5 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed
SUSE Linux Enterprise Module for Server Applications 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP7 Fixed

Share

CVE-2026-5265 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy