debian · CVE-2025-0650

Quick triage

Priority: not yet assigned Published: Updated: Sun, 05 Jul 2026 10:47:54 GMT

View at Official debian advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2025-0650 not yet assigned priority: Debian including 1 source packages (ovn), 4 status rows across 4 suites (bookworm, forky, sid, trixie): resolved 3, open 1.

Description:

A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.

cvelogic Threat Intelligence