Red Hat Product Errata RHSA-2026:11702 - Security Advisory
Issued:
2026-04-29
Updated:
2026-04-29

RHSA-2026:11702 - Security Advisory

Synopsis

Important: ovn25.09 security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for ovn25.09 is now available for Fast Datapath for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups.

Security Fix(es):

  • ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue (CVE-2026-5265)
  • ovn: OVN: Information disclosure via crafted DHCPv6 packets (CVE-2026-5367)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Fast Datapath 9 x86_64
  • Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 9 ppc64le
  • Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 9 s390x
  • Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 9 aarch64

Fixes

  • BZ - 2453458 - CVE-2026-5265 ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue
  • BZ - 2455863 - CVE-2026-5367 ovn: OVN: Information disclosure via crafted DHCPv6 packets
  • FDP-3258 - CLONE [ovn25.09 fast-datapath-rhel-9] - Upstream: northd: wrong ip address temporarily assigned by ipam
  • FDP-3259 - CLONE [ovn25.09 fast-datapath-rhel-9] - Upstream: error log in ovn-northd.log when set port security for vrrp
  • FDP-3485 - CLONE [ovn25.09 fast-datapath-rhel-9] - Upstream: Add dash version suffix to the internal version string
  • FDP-3501 - CLONE [ovn25.09 fast-datapath-rhel-9] - Upstream: Add dash version suffix to the internal version string
  • FDP-3538 - CLONE [ovn25.09 fast-datapath-rhel-9] - Upstream: [BGP][EVPN] Learned routes with indirect nexthop are ignored by ovn-northd
  • FDP-3602 - CLONE [ovn25.09 fast-datapath-rhel-9] - Upstream: CR-LRP port flips flops after BFD failover due to unexpected chassis failure
  • FDP-3698 - OVN 25.09 FDP-OVN-26.n4 RHEL 9 Release

Red Hat Enterprise Linux Fast Datapath 9

SRPM
ovn25.09-25.09.2-103.el9fdp.src.rpm SHA-256: 7bb259550482f0f18e21c134c67a19d49bb3d0931d5b1225554662df00474da7
x86_64
ovn25.09-25.09.2-103.el9fdp.x86_64.rpm SHA-256: a992ed83cb806e56d7ab4e8a24870169136585510de21eef50e7085f9fe4bc19
ovn25.09-central-25.09.2-103.el9fdp.x86_64.rpm SHA-256: 7b1311cf07647872466d0e536063c44db7ba1c602eac2cd9ddd8fed3bf4dd720
ovn25.09-central-debuginfo-25.09.2-103.el9fdp.x86_64.rpm SHA-256: 60303e679d540ee31bab3ffa208dbed6c0f147edffc1dbe925ad82104998d412
ovn25.09-debuginfo-25.09.2-103.el9fdp.x86_64.rpm SHA-256: 73bc23ca3546fb33c1f93c334d602d960c1db1551cb481e6e44e6bd2ad7b39ee
ovn25.09-debugsource-25.09.2-103.el9fdp.x86_64.rpm SHA-256: 571ad01469de7784d5951fa1bdc1a21e150d620d9e5792091fd0e5ca1dcd4026
ovn25.09-host-25.09.2-103.el9fdp.x86_64.rpm SHA-256: a89e272ed3c102f2a2d03855a6910868943327f2052433d0206682bb7d1f262e
ovn25.09-host-debuginfo-25.09.2-103.el9fdp.x86_64.rpm SHA-256: d3222a82c0670f1f9344bffadc1e5969711bda329674ddc0e44a86e4729b2e91
ovn25.09-vtep-25.09.2-103.el9fdp.x86_64.rpm SHA-256: be65d7e7ab2f76ff4b3eeb9703282718b6556cf8c0f2824c1f17cfb17e8d4efe
ovn25.09-vtep-debuginfo-25.09.2-103.el9fdp.x86_64.rpm SHA-256: 39c1f626aeba4ed7f7f80a4046333f88b3283d2535ab03d90d52033fccdd718d

Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 9

SRPM
ovn25.09-25.09.2-103.el9fdp.src.rpm SHA-256: 7bb259550482f0f18e21c134c67a19d49bb3d0931d5b1225554662df00474da7
ppc64le
ovn25.09-25.09.2-103.el9fdp.ppc64le.rpm SHA-256: f91210435beb7d5831b44a42e39f15a87f3696c3b3042722dd44a9c3a9342740
ovn25.09-central-25.09.2-103.el9fdp.ppc64le.rpm SHA-256: 03addde95be37935032ceeecee465216a257ba21abdd23cd1c903c1fb499ef9a
ovn25.09-central-debuginfo-25.09.2-103.el9fdp.ppc64le.rpm SHA-256: 6d6dcfc7876feb43b6468daa2355e29050d5d4a0cacd8f1d4b63dee2aef686a0
ovn25.09-debuginfo-25.09.2-103.el9fdp.ppc64le.rpm SHA-256: 4db4121a2dd221fc39c75b8772ad2b5be89a2d70bbda94dd6c9f09a3f5213eb9
ovn25.09-debugsource-25.09.2-103.el9fdp.ppc64le.rpm SHA-256: 413627c41d312fc676b56fa7dff17f9e8579c857edde87a408fb95f6fa1e1ece
ovn25.09-host-25.09.2-103.el9fdp.ppc64le.rpm SHA-256: 605aea75e70ed11cf01243c5c0f87cd8bec6bcd0a08d148cc76306998107379b
ovn25.09-host-debuginfo-25.09.2-103.el9fdp.ppc64le.rpm SHA-256: 73b16e9192382ca76a4ff60b6f70432a31f2547e61bb38839af7b0c6486444c6
ovn25.09-vtep-25.09.2-103.el9fdp.ppc64le.rpm SHA-256: 3360790681a5de06144cfd814f0a9c9bfaa11310ca217ff238749901a5927c4b
ovn25.09-vtep-debuginfo-25.09.2-103.el9fdp.ppc64le.rpm SHA-256: 1ae84c425d843c02ec7b25a96c3a60b0c635a004a37af42b280b49daa1d62fc7

Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 9

SRPM
ovn25.09-25.09.2-103.el9fdp.src.rpm SHA-256: 7bb259550482f0f18e21c134c67a19d49bb3d0931d5b1225554662df00474da7
s390x
ovn25.09-25.09.2-103.el9fdp.s390x.rpm SHA-256: 2f52649d88da3bec92738e02db309fd1d719aa0582a58d9f37438fdc1178e3b7
ovn25.09-central-25.09.2-103.el9fdp.s390x.rpm SHA-256: d62529314c06c54a5da2637d1f0ae9556b70565a19bb126d6496c0a1aaa74954
ovn25.09-central-debuginfo-25.09.2-103.el9fdp.s390x.rpm SHA-256: d10a749a1ab5b721c36ace9b9e5134580c7713c504cbbfdaa2a4dbbd3509371c
ovn25.09-debuginfo-25.09.2-103.el9fdp.s390x.rpm SHA-256: 55b71be230099f1725b5d7a354ad64bc630a6d93e182d2b751aaa8cd5365670b
ovn25.09-debugsource-25.09.2-103.el9fdp.s390x.rpm SHA-256: eedc6bd0073d610b391fc25096ee6ef242c9b4870ed363c92c8c5acf94bd5073
ovn25.09-host-25.09.2-103.el9fdp.s390x.rpm SHA-256: e7bc0eb79fe56d7b5b5b0126b3a0bab198d3b9eace960d8bf21ff8d02e656483
ovn25.09-host-debuginfo-25.09.2-103.el9fdp.s390x.rpm SHA-256: aa667d13f38a30afd8d14c8b32e405050e6bb722927a2fe80469e08cba55c8e4
ovn25.09-vtep-25.09.2-103.el9fdp.s390x.rpm SHA-256: a9b1ef53c861e70b198f0f858080fc38c48423d249e88dcb3f162ab94ca59b8e
ovn25.09-vtep-debuginfo-25.09.2-103.el9fdp.s390x.rpm SHA-256: 4acc044937dbb55870635bde6a98f127af43a8c98b001cdba7e22ec99f5dbe96

Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 9

SRPM
ovn25.09-25.09.2-103.el9fdp.src.rpm SHA-256: 7bb259550482f0f18e21c134c67a19d49bb3d0931d5b1225554662df00474da7
aarch64
ovn25.09-25.09.2-103.el9fdp.aarch64.rpm SHA-256: 0207f09db4f443924a84d6c53e96ba1f6425a27e10ea8501711338118126bfc3
ovn25.09-central-25.09.2-103.el9fdp.aarch64.rpm SHA-256: 437da8abe6326bdc68018c3a71474a058062fe63705d8b3ebbbdb40be2d9ce77
ovn25.09-central-debuginfo-25.09.2-103.el9fdp.aarch64.rpm SHA-256: 39eb18c974411f4bc680340afb6141ef8d642ea282d247abd56501a32b9e57d0
ovn25.09-debuginfo-25.09.2-103.el9fdp.aarch64.rpm SHA-256: 72b3c01a1a7632cb92cee7e8cc8cf3aca473bd004312d4f237e9b276fc0f162e
ovn25.09-debugsource-25.09.2-103.el9fdp.aarch64.rpm SHA-256: 356ef4de8f9676a50f3578e0108657f8693b1a432e751df09a2dfec2f313194a
ovn25.09-host-25.09.2-103.el9fdp.aarch64.rpm SHA-256: 5dbe3b278f929657570799d81a8fd8147666ad005ab896773697131734d38250
ovn25.09-host-debuginfo-25.09.2-103.el9fdp.aarch64.rpm SHA-256: 1ba19bc2be84501082066fdc3e2d25bffcd03a249e649065a2748e5ce31f45da
ovn25.09-vtep-25.09.2-103.el9fdp.aarch64.rpm SHA-256: 03411472fbceace27c4924291d71cbd258ca31bc3fbce3de7980f53cf8178b0e
ovn25.09-vtep-debuginfo-25.09.2-103.el9fdp.aarch64.rpm SHA-256: 9bbbf14f9eb34a776d840eaed58f845a975665ae71057f03b4577a1d2071c882

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.