Issued:: 2025-10-01
Updated:: 2025-10-01

RHSA-2025:17128 - Security Advisory

Overview
Updated Images

Synopsis

Moderate: Submariner v0.20.2 security fixes and container updates

Type/Severity

Security Advisory: Moderate

Topic

Submariner v0.20.2 General Availability release images, which provide enhancements, security fixes, and updated container images.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
Red Hat Advanced Cluster Management for Kubernetes v2.13

Description

Submariner is a Kubernetes operator that enables cross-cluster connectivity for services and pods,
implementing KEP-1645 (Multi-Cluster Services API). After deploying the Submariner operator,
it can enable direct networking between pods and services across different Kubernetes clusters.

For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.

Solution

For release note details, see the upstream Submariner release notes:

https://submariner.io/community/releases/

For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:

https://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/

Fixes

ACM-22805 - Submariner integration breaks from 4.17 to 4.18

CVEs

CVE-2025-47950

References

https://access.redhat.com/security/updates/classification/

amd64

registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:4c82d0f3d62d6089f306dc88a3eeaed60d423541bb39324da21a61264b64fdbf

registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:f2794e21f96bd0f710ecf0ea3f7a70a4fd9aab504df15a664b7f7a29c9ff3f5c

registry.redhat.io/rhacm2/nettest-rhel9@sha256:1d05356129ed2a534e65adc3230a7e0d37b0a536469bb29569de0d6128201952

registry.redhat.io/rhacm2/subctl-rhel9@sha256:efbcd22e0fe51993955c8ca9cea699ed3fdfafb0ecfef6164e645a03df83235f

registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:ab91bcd9cf28a1621aca62c8af01d1c3225602533dae8ebcfa3369e0a8087623

registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:33c66141c6fb0742804d732a3b0957569b9a98f2ba8d60b2ad58e62e937031c2

registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:f0d4fad6cd65ab442b2e3110b1a29e2479c39ff9f116c185e950c30efceebcee

registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:709c21d4859abb2cbd9cbba1ae315e01185d1512ea8016d67f286b73040c1dc4

registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c5c35afd77d7abdf56669ffa10be3f8e4d8e3b7119ee9103fa458595560d7937

ppc64le

registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d905ef89fb32a76f5ddbdd5ae713b71dd41e3ccaf8b0e10f273ea75495eef922

registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7fc1504810a8468c3f82979994b10c7a4ed02742f824dd467cc237a440f85b0a

registry.redhat.io/rhacm2/subctl-rhel9@sha256:c31b32bd2be8e5bfc675a2074fc815ce386af05cc202d56eb022057b981fbe81

registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:e74575b84875632ffc2f87f9f8348a6867800dccc81c7410d65e7842271982e6

s390x

registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:9a869532fb064448318622890f317adce8b769896d5393885abc8c5e9c3b0199

registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:9eb3e91644195a4c046c6afcd0e3ad179304e532b25ca412d48995c7330c885d

registry.redhat.io/rhacm2/subctl-rhel9@sha256:2247f4479c783ada6f5581e1319e74add3aa66eb7c09e36d3904c04db069ba4f

registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:9afbd7c4ae3056293054a2167571917c1ceddbc1835c9ddc0fb86e4d766f4543

arm64

registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:93c51db1cc4e9247aa20818ae6ff75d835ab8f5573a4cd25674d78c4dba14fe9

registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:9fad0552b971600e55c92be6e762ae20d040316782b44e8e51b181d6e7bf8d1d

registry.redhat.io/rhacm2/nettest-rhel9@sha256:7efbe6bb502281b91fe3a0e0dc5a3a39c2d3b59477866fe5e40fc73e95d0fca4

registry.redhat.io/rhacm2/subctl-rhel9@sha256:3c2f289a599ce3c4241096479302f6d44f0a87fe77852881636d3996f719feab

registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:b3c4fd76baed396b22f61d10898423b8892f2fc9c89bd9621214b6db0f4bb0c9

registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:6cc5a038548f1e3ad1ca767af5c6de509749c299990e7422b8697d2ff40c343f

registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:821fc11c40eaa5caf4e4518a7cf1aea4b7b7a9159a8f21c3aead17c49b51aa4e

registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:098a85071176e6b25a24949cb158f6f9b22acaafc039b25feeb4fcb5242ea529

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation