CVE-2024-47535
Publication date 12 November 2024
Last updated 13 November 2024
Ubuntu priority
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| netty | 24.10 oracular | Ignored only affects Windows |
| 24.04 LTS noble | Ignored only affects Windows | |
| 22.04 LTS jammy | Ignored only affects Windows | |
| 20.04 LTS focal | Ignored only affects Windows | |
| 18.04 LTS bionic | Ignored only affects Windows | |
| 16.04 LTS xenial | Ignored only affects Windows | |
| 14.04 LTS trusty | Ignored end of ESM support, was needs-triage | |
| netty-3.9 | 24.10 oracular | Not in release |
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Needs evaluation
|
|
| 16.04 LTS xenial |
Needs evaluation
|