Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of the native SSLEngine or change the code manually.

The version of Coherence installed on the remote host is affected by a vulnerability as referenced in the April 2025 CPU advisory.

  - Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Third Party     (Netty)). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily     exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise     Oracle Coherence. Successful attacks of this vulnerability can result in unauthorized ability to cause     a hang or frequently repeatable crash (complete DOS) of Oracle Coherence. (CVE-2025-24970, CVE-2025-25193)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3465 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime.

    This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.

    Security Fix(es):

    * io.netty/netty: Denial of Service attack on windows app using Netty (CVE-2024-47535)

    * netty-common: Denial of Service attack on windows app using Netty (CVE-2025-25193)

    * io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash     when using native SSLEngine (CVE-2025-24970)

    * org.wildfly.core/wildfly-server: Wildfly improper RBAC permission (CVE-2025-23367)

    A Red Hat Security Bulletin which addresses further details about this flaw is available in the References     section.

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3357 advisory.

    Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly     application runtime.

    This asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.0. See Release     Notes for information about the most     significant bug fixes and enhancements included in this release.

    Security Fix(es):

    * org.jboss.narayana-narayana-all: deadlock via multiple join requests sent to LRA Coordinator [eap-8.0.z]     (CVE-2024-8447)

    * io.netty/netty: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2024-47535)

    * io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash     when using native SSLEngine [eap-8.0.z] (CVE-2025-24970)

    * netty-common: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2025-25193)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in     version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via     SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native     crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of     the native SSLEngine or change the code manually. (CVE-2025-24970)

Note that Nessus relies on the presence of the package as reported by the vendor.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0590-1 advisory.

    - CVE-2025-24970: incorrect validation of packets by SslHandler can lead to a native crash. (bsc#1237037)
    - CVE-2025-25193: unsafe reading of environment files can lead to an application crash. (bsc#1237038)

    Update to netty version 4.1.118 and netty-tcnative version 2.0.70 Final.

    Other fixes:

    - Fix recycling in CodecOutputList.
    - StreamBufferingEncoder: do not send header frame with priority by default.
    - Notify event loop termination future of unexpected exceptions.
    - Fix AccessControlException in GlobalEventExecutor.
    - AdaptivePoolingAllocator: round chunk sizes up and reduce chunk release frequency.
    - Support BouncyCastle FIPS for reading PEM files.
    - Dns: correctly encode DnsPtrRecord.
    - Provide Brotli settings without com.aayushatharva.brotli4j dependency.
    - Make DefaultResourceLeak more resilient against OOM.
    - OpenSslSession: add support to defensively check for peer certs.
    - SslHandler: ensure buffers are never leaked when wrap(...) produces SSLException.
    - Correcly handle comments appended to nameserver declarations.
    - PcapWriteHandler: apply fixes so that the handler can append to an existing PCAP file when writing the     global header.
    - PcapWriteHandler: allow output of PCAP files larger than 2GB.
    - Fix bugs in BoundedInputStream.
    - Fix HTTP header validation bug.
    - AdaptivePoolingAllocator: fix possible race condition in method offerToQueue(...).
    - AdaptivePoolingAllocator: make sure the sentinel object Magazine.MAGAZINE_FREED not be replaced.
    - Only try to use Zstd and Brotli if the native libs can be loaded.
    - Bump BlockHound version to 1.0.10.RELEASE.
    - Add details to TooLongFrameException message.
    - AdaptivePoolingAllocator: correctly reuse chunks.
    - AdaptivePoolingAllocator: don't fail when we run on a host with 1 core.
    - AdaptivePoolingAllocator: correctly re-use central queue chunks and avoid OOM issue.
    - Fix several memory management (leaks and missing checks) issues.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
234552	Oracle Coherence (April 2025 CPU)	Nessus	Misc.	high
233918	RHEL 7 / 8 / 9 : Red Hat JBoss Enterprise Application Platform 7.4.21 (RHSA-2025:3465)	Nessus	Red Hat Local Security Checks	medium
233543	RHEL 8 / 9 : Red Hat JBoss Enterprise Application Platform 8.0.6 (RHSA-2025:3357)	Nessus	Red Hat Local Security Checks	medium
231556	Linux Distros Unpatched Vulnerability : CVE-2025-24970	Nessus	Misc.	high
216507	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : netty, netty-tcnative (SUSE-SU-2025:0590-1)	Nessus	SuSE Local Security Checks	medium

Detections

Analytics

CVE-2025-24970

high

Tenable Plugins

high

medium

medium

high

medium