Red Hat Product Errata RHSA-2026:11701 - Security Advisory Issued: 2026-04-29 Updated: 2026-04-29 RHSA-2026:11701 - Security Advisory Overview Updated Packages Synopsis Important: ovn25.03 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for ovn25.03 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups. Security Fix(es): ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue (CVE-2026-5265) ovn: OVN: Information disclosure via crafted DHCPv6 packets (CVE-2026-5367) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Fast Datapath 9 x86_64 Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 9 ppc64le Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 9 s390x Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 9 aarch64 Fixes BZ - 2453458 - CVE-2026-5265 ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue BZ - 2455863 - CVE-2026-5367 ovn: OVN: Information disclosure via crafted DHCPv6 packets FDP-3262 - CLONE [ovn25.03 fast-datapath-rhel-9] - Upstream: error log in ovn-northd.log when set port security for vrrp FDP-3487 - CLONE [ovn25.03 fast-datapath-rhel-9] - Upstream: Add dash version suffix to the internal version string FDP-3499 - CLONE [ovn25.03 fast-datapath-rhel-9] - Upstream: Add dash version suffix to the internal version string FDP-3540 - CLONE [ovn25.03 fast-datapath-rhel-9] - Upstream: [BGP][EVPN] Learned routes with indirect nexthop are ignored by ovn-northd FDP-3696 - OVN 25.03 FDP-OVN-26.n4 RHEL 9 Release CVEs CVE-2026-5265 CVE-2026-5367 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Fast Datapath 9 SRPM ovn25.03-25.03.2-100.el9fdp.src.rpm SHA-256: 675ccbd50a8d7ca0c78b6488571658c488151fbdef64d184ac53e606259780f2 x86_64 ovn25.03-25.03.2-100.el9fdp.x86_64.rpm SHA-256: f1fa513eb4289cd1824879e9633f3be16f3ae669b51757ccb2840b169f19a113 ovn25.03-central-25.03.2-100.el9fdp.x86_64.rpm SHA-256: dda9ba3d101073c9b63bbb56498ea25e93a64b17055e1de8b61e06c9fe0ce4a2 ovn25.03-central-debuginfo-25.03.2-100.el9fdp.x86_64.rpm SHA-256: 2491d1648b893083c40685d81150eecbe512fea5c09a90a08ebea40ccd48ccce ovn25.03-debuginfo-25.03.2-100.el9fdp.x86_64.rpm SHA-256: d3b315ad55090acdd853a3e2a8bb77c910ddaa4d0ba0d20c3d43139b69c4e618 ovn25.03-debugsource-25.03.2-100.el9fdp.x86_64.rpm SHA-256: b8c311aab2334202b7b674194381046b2092ac0d040d0d1864aa9a4bdcc55eb4 ovn25.03-host-25.03.2-100.el9fdp.x86_64.rpm SHA-256: 3908827f31f1ed1758bc9ae3d56f2d4676c6a5619b5695da7b01ba9cb0585773 ovn25.03-host-debuginfo-25.03.2-100.el9fdp.x86_64.rpm SHA-256: bd4af0de33a57b05d3c4da5828f242aa341c69b95334e711fbeb758c4d047931 ovn25.03-vtep-25.03.2-100.el9fdp.x86_64.rpm SHA-256: 303389700c541a4e82936755bb1c81edc8bc0e70bbbfb95e5c08b21f330b30a9 ovn25.03-vtep-debuginfo-25.03.2-100.el9fdp.x86_64.rpm SHA-256: 4fd19f64410adad28a085252f2d130f2f73ff5c7fb35b104f111dcb3fa7022d9 Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 9 SRPM ovn25.03-25.03.2-100.el9fdp.src.rpm SHA-256: 675ccbd50a8d7ca0c78b6488571658c488151fbdef64d184ac53e606259780f2 ppc64le ovn25.03-25.03.2-100.el9fdp.ppc64le.rpm SHA-256: 29e490adb0042a28e283911a96f9d360ee649eae255345eb5b25fbc046c905b0 ovn25.03-central-25.03.2-100.el9fdp.ppc64le.rpm SHA-256: 42ef2de8decb37470f97c2969e38adefc5372e669a997f2370696841a223e9d0 ovn25.03-central-debuginfo-25.03.2-100.el9fdp.ppc64le.rpm SHA-256: aa9df240bae146da78a06082767447f9f5d2c8d1419897785f27338491fb60ff ovn25.03-debuginfo-25.03.2-100.el9fdp.ppc64le.rpm SHA-256: ace96b167e9228aa0484929dd6668161e5db9972f8d6c6979256cbee77c2d9ac ovn25.03-debugsource-25.03.2-100.el9fdp.ppc64le.rpm SHA-256: 1885e0beb3767f379f12088795c53535654b027d5b32bc81551d6b3d42af50c5 ovn25.03-host-25.03.2-100.el9fdp.ppc64le.rpm SHA-256: 0d8c182ee123b757fe68185dcd554756da4d13175fb02c7f99ba3523554fa72d ovn25.03-host-debuginfo-25.03.2-100.el9fdp.ppc64le.rpm SHA-256: 14427b2ec5f3f11abc434824cce2c96f32d04c1332780a237040c3d66524539f ovn25.03-vtep-25.03.2-100.el9fdp.ppc64le.rpm SHA-256: cd39a7157934ada8e5d99cc9893f8d128e8cec3db9289e93f1d105b813c9f4fd ovn25.03-vtep-debuginfo-25.03.2-100.el9fdp.ppc64le.rpm SHA-256: 56dab7abdc7fa64c1cc56aed4eef9bd80ab9fda95bedd5a6fda96104562c064b Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 9 SRPM ovn25.03-25.03.2-100.el9fdp.src.rpm SHA-256: 675ccbd50a8d7ca0c78b6488571658c488151fbdef64d184ac53e606259780f2 s390x ovn25.03-25.03.2-100.el9fdp.s390x.rpm SHA-256: 508ac4cd077abdc210da2d315f44467da7056bdbfc27db00ed6fad2b52b17cfe ovn25.03-central-25.03.2-100.el9fdp.s390x.rpm SHA-256: 9798b7de1010c52f4d2ca15bcf6e3dcc9bc12fb085c0f0c495c55c6d09c64854 ovn25.03-central-debuginfo-25.03.2-100.el9fdp.s390x.rpm SHA-256: 5412382f6aa25a7b9d30b9516ef158344da96f077a35bba5a09a2e3fcab610b0 ovn25.03-debuginfo-25.03.2-100.el9fdp.s390x.rpm SHA-256: 937c22c201672df77100753c33965ccc83199d83e1a5366d579f6b244eec55ef ovn25.03-debugsource-25.03.2-100.el9fdp.s390x.rpm SHA-256: 1cb5ceb8ec593b7b691bacee0d2dc3fd76f1e7f42089283e52ac67fedb679b8e ovn25.03-host-25.03.2-100.el9fdp.s390x.rpm SHA-256: 7e266e070fa99ecefe441a3aa0643879b8560028f0a9c5cade6a26bdf7b7ffbc ovn25.03-host-debuginfo-25.03.2-100.el9fdp.s390x.rpm SHA-256: 139f371577b2f0e21633f43ac7025d2e94e7edc6301ca104403f0aff0bf4ef95 ovn25.03-vtep-25.03.2-100.el9fdp.s390x.rpm SHA-256: 5117c968660c538b5e897229686640144e6716e18104459375d298b1c6445a53 ovn25.03-vtep-debuginfo-25.03.2-100.el9fdp.s390x.rpm SHA-256: 1c41cfb046831d77eb0378d2115ef9a4b1c8531e2def56823beabf4cc39ebaaf Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 9 SRPM ovn25.03-25.03.2-100.el9fdp.src.rpm SHA-256: 675ccbd50a8d7ca0c78b6488571658c488151fbdef64d184ac53e606259780f2 aarch64 ovn25.03-25.03.2-100.el9fdp.aarch64.rpm SHA-256: c86d8bcfea955c9b7eb920c63c00d899cf71eb18e63532008611dc93dafdab1e ovn25.03-central-25.03.2-100.el9fdp.aarch64.rpm SHA-256: 2d4c8e68522c10c49b50b8d4710090a661cbdbf70451d6f16d56d1fe56459235 ovn25.03-central-debuginfo-25.03.2-100.el9fdp.aarch64.rpm SHA-256: 7b548ad6ac5e9f57f733f48172133ed9234b5012f8cf112eee82d1fc3383ad29 ovn25.03-debuginfo-25.03.2-100.el9fdp.aarch64.rpm SHA-256: ce23e8b72424c6a9fe68ad565f0b6bb1c2e700b19b579022db006f94b6b54006 ovn25.03-debugsource-25.03.2-100.el9fdp.aarch64.rpm SHA-256: 5dfde57f410348bb137b4d46064fc1be8d3a191c76b567952bd5d6e83126c6fa ovn25.03-host-25.03.2-100.el9fdp.aarch64.rpm SHA-256: 18664726961a0a4551afe441e05d6166fcddec1956ecb7b86d364fcf847f49a9 ovn25.03-host-debuginfo-25.03.2-100.el9fdp.aarch64.rpm SHA-256: 627f4caed4f6c8cea860af2ce0f96998399c81729fa33b24e50f4984f5d14e99 ovn25.03-vtep-25.03.2-100.el9fdp.aarch64.rpm SHA-256: 2b978f53fc63bf0b1431f17e493bb3b89b8212d43e5ba0aa8a761d2a1cab728e ovn25.03-vtep-debuginfo-25.03.2-100.el9fdp.aarch64.rpm SHA-256: dbefd26ce1e0d7d476f3a7339e2b89541e12738af19e635344006526191aaec9 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .