Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Ubuntu 7396-1: OVN Security Advisory Updates

ubuntu
Calendar Grey March 31, 2025
Dist Ubuntu Esm H88
OVN vulnerability in Ubuntu releases allows unintended network access. Update is required for affected systems.
OVN would allow unintended access to the network.

Summary

OVN would allow unintended access to the network.

Software Description:

- ovn: system to support virtual network abstraction

Details:

Marius Berntsberg, Trygve Vea, Tore Anderson, Rodolfo Alonso, Jay Faulkner,

and Brian Haley discovered that OVN incorrectly handled certain crafted UDP

packets. A remote attacker could possibly use this issue to bypass egress

ACL rules.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
   ovn-central                     24.09.0-1ubuntu0.1
   ovn-common                      24.09.0-1ubuntu0.1
   ovn-docker                      24.09.0-1ubuntu0.1
   ovn-host                        24.09.0-1ubuntu0.1
   ovn-ic                          24.09.0-1ubuntu0.1

Ubuntu 24.04 LTS
   ovn-central                     24.03.2-0ubuntu0.24.04.2
   ovn-common                      24.03.2-0ubuntu0.24.04.2
   ovn-docker                      24.03.2-0ubuntu0.24.04.2
   ovn-host                        24.03.2-0ubuntu0.24.04.2
   ovn-ic                          24.03.2-0ubuntu0.24.04.2

Ubuntu 22.04 LTS
   ovn-central                     22.03.3-0ubuntu0.22.04.5
   ovn-common                      22.03.3-0ubuntu0.22.04.5
   ovn-docker                      22.03.3-0ubuntu0.22.04.5
   ovn-host                        22.03.3-0ubuntu0.22.04.5
   ovn-ic                          22.03.3-0ubuntu0.22.04.5

Ubuntu 20.04 LTS
   ovn-central                     20.03.2-0ubuntu0.20.04.6
   ovn-common                      20.03.2-0ubuntu0.20.04.6
   ovn-docker                      20.03.2-0ubuntu0.20.04.6
   ovn-host                        20.03.2-0ubuntu0.20.04.6
   ovn-ic                          20.03.2-0ubuntu0.20.04.6

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7396-1

CVE-2025-0650

Ubuntu Security Notice USN-7396-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here