Red Hat Product Errata RHSA-2026:22111 - Security Advisory Issued: 2026-06-01 Updated: 2026-06-01 RHSA-2026:22111 - Security Advisory Overview Updated Packages Synopsis Important: ovn25.09 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for ovn25.09 is now available for Fast Datapath for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups. Security Fix(es): ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue (CVE-2026-5265) ovn: OVN: Information disclosure via crafted DHCPv6 packets (CVE-2026-5367) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Fast Datapath 10 x86_64 Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 10 ppc64le Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 10 s390x Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 10 aarch64 Fixes BZ - 2453458 - CVE-2026-5265 ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue BZ - 2455863 - CVE-2026-5367 ovn: OVN: Information disclosure via crafted DHCPv6 packets FDP-3260 - CLONE [ovn25.09 fast-datapath-rhel-10] - Upstream: error log in ovn-northd.log when set port security for vrrp FDP-3261 - CLONE [ovn25.09 fast-datapath-rhel-10] - Upstream: northd: wrong ip address temporarily assigned by ipam FDP-3486 - CLONE [ovn25.09 fast-datapath-rhel-10] - Upstream: Add dash version suffix to the internal version string FDP-3502 - CLONE [ovn25.09 fast-datapath-rhel-10] - Upstream: Add dash version suffix to the internal version string FDP-3539 - CLONE [ovn25.09 fast-datapath-rhel-10] - Upstream: [BGP][EVPN] Learned routes with indirect nexthop are ignored by ovn-northd FDP-3603 - CLONE [ovn25.09 fast-datapath-rhel-10] - Upstream: CR-LRP port flips flops after BFD failover due to unexpected chassis failure FDP-3699 - OVN 25.09 FDP-OVN-26.n4 RHEL 10 Release CVEs CVE-2026-5265 CVE-2026-5367 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Fast Datapath 10 SRPM ovn25.09-25.09.2-103.el10fdp.src.rpm SHA-256: 31024a25e9af11281debcf2bed0d37d1996e9be5346a5249172744e378909146 x86_64 ovn25.09-25.09.2-103.el10fdp.x86_64.rpm SHA-256: bb1731d1d30b6710a52cfc10702df6d16d8c6c45d43314e698f3ada9e2b353cd ovn25.09-central-25.09.2-103.el10fdp.x86_64.rpm SHA-256: 2d39c74f11a32d93e6f3f0edefe8d8b50d49351617fb0c24f0c53f137c490f96 ovn25.09-host-25.09.2-103.el10fdp.x86_64.rpm SHA-256: 5218c6a4f3bb32fed5fdb0607037017fe7b5800616a6fee8dac9a05c1f8f9baf ovn25.09-vtep-25.09.2-103.el10fdp.x86_64.rpm SHA-256: fc87c9c42736c2dbc6d6c35cd04757ee579d84b44e7067e33ef7c25fcf8339c3 Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 10 SRPM ovn25.09-25.09.2-103.el10fdp.src.rpm SHA-256: 31024a25e9af11281debcf2bed0d37d1996e9be5346a5249172744e378909146 ppc64le ovn25.09-25.09.2-103.el10fdp.ppc64le.rpm SHA-256: 38faa3ccbba7ab688904e3d0fbc0e7f79a0898a624c4e2db253d18991dc9be7c ovn25.09-central-25.09.2-103.el10fdp.ppc64le.rpm SHA-256: 86da5f2d52f4a60597dce16529d2b66f541f1d064265bd0747d1180ef7b57ea7 ovn25.09-host-25.09.2-103.el10fdp.ppc64le.rpm SHA-256: 809b7775a25fbe00a5ddc0b6a267ac941d5b950245e90bb7aa163b792bb94d30 ovn25.09-vtep-25.09.2-103.el10fdp.ppc64le.rpm SHA-256: 9addc008d9015fdf3ee667d63775f724e7dc124e9a2eaf5fcfb8db640f8c66d6 Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 10 SRPM ovn25.09-25.09.2-103.el10fdp.src.rpm SHA-256: 31024a25e9af11281debcf2bed0d37d1996e9be5346a5249172744e378909146 s390x ovn25.09-25.09.2-103.el10fdp.s390x.rpm SHA-256: 219f81e06ef715eecb3306859f0adbb523947b02e1999b28628fd24480b11327 ovn25.09-central-25.09.2-103.el10fdp.s390x.rpm SHA-256: f6dae14fc41bdacedf3716e2f25ccd851df6917c53be9154f190e1ed1b1b4a82 ovn25.09-host-25.09.2-103.el10fdp.s390x.rpm SHA-256: ec2a9cbaf9ad51c9ffc805268d6c6670c2da883a52917b434809d7f690bb6909 ovn25.09-vtep-25.09.2-103.el10fdp.s390x.rpm SHA-256: a9d11f50d28e55ed566712687ed90210d8970b6988d7ab8b6591f8c842dde9d5 Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 10 SRPM ovn25.09-25.09.2-103.el10fdp.src.rpm SHA-256: 31024a25e9af11281debcf2bed0d37d1996e9be5346a5249172744e378909146 aarch64 ovn25.09-25.09.2-103.el10fdp.aarch64.rpm SHA-256: de4f76363066c2a3540470a1e3674ad4079b52e78af17e014146b0e862ad61d8 ovn25.09-central-25.09.2-103.el10fdp.aarch64.rpm SHA-256: a587ea0344b16dad14dab0f3fb331c7c2d1a824bce2247165bfd0dd3edcd4d78 ovn25.09-host-25.09.2-103.el10fdp.aarch64.rpm SHA-256: b9085ddfd5d959dada6643fdff263c6e4911926fa9151c1a5c4aa49bee435c2a ovn25.09-vtep-25.09.2-103.el10fdp.aarch64.rpm SHA-256: e8ae0e493770b3ee5d510bd828ca55177f2e60fbe5743ab487418198ddf87d1b The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .