Red Hat Security Advisory: Submariner v0.20 security fixes and container updates
🔗 CVE IDs covered (11)
📋 Description
CVE-2025-47950 — coredns: CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification CVE-2025-59530 — github.com/quic-go/quic-go: quic-go Crash Due to Premature HANDSHAKE_DONE Frame CVE-2025-61726 — golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61729 — crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-68121 — crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption CVE-2025-68151 — github.com/coredns/coredns/core/dnsserver: CoreDNS DoS via unbounded connections and oversized messages CVE-2026-26017 — github.com/coredns/coredns: CoreDNS: DNS access control bypass due to plugin execution order flaw CVE-2026-26018 — github.com/coredns/coredns: CoreDNS: Denial of Service vulnerability due to predictable pseudo-random number generation CVE-2026-44740 — github.com/go-git/go-billy: Billy: Denial of Service via crafted input due to insufficient validation CVE-2026-53488 — github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin CVE-2026-53492 — github.com/containerd/containerd: containerd: Security bypass via Container Device Interface (CDI) annotation smuggling during checkpoint restoration.
🔗 References (14)
- selfhttps://access.redhat.com/errata/RHSA-2026:36873
- externalhttps://access.redhat.com/security/cve/CVE-2025-47950
- externalhttps://access.redhat.com/security/cve/CVE-2025-59530
- externalhttps://access.redhat.com/security/cve/CVE-2025-61726
- externalhttps://access.redhat.com/security/cve/CVE-2025-61729
- externalhttps://access.redhat.com/security/cve/CVE-2025-68121
- externalhttps://access.redhat.com/security/cve/CVE-2025-68151
- externalhttps://access.redhat.com/security/cve/CVE-2026-26017
- externalhttps://access.redhat.com/security/cve/CVE-2026-26018
- externalhttps://access.redhat.com/security/cve/CVE-2026-44740
- externalhttps://access.redhat.com/security/cve/CVE-2026-53488
- externalhttps://access.redhat.com/security/cve/CVE-2026-53492
- externalhttps://access.redhat.com/security/updates/classification/
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36873.json