Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a specially crafted packet is received via SslHandler, the handler does not correctly validate the packet in all cases, which can lead to a native crash (a crash in native code rather than a Java exception). Version 4.1.118.Final contains a patch. As a workaround, it is possible to either disable the usage of the native SSLEngine or change the code manually.
{
"cwe_ids": [
"CWE-20"
]
}[
{
"digest": {
"function_hash": "327196958911654775033233893523275684115",
"length": 4637.0
},
"target": {
"function": "unwrap",
"file": "handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java"
},
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4",
"signature_version": "v1",
"id": "CVE-2025-24970-228f3d02"
},
{
"digest": {
"function_hash": "35961428334426579318057934398862523417",
"length": 463.0
},
"target": {
"function": "getEncryptedPacketLength",
"file": "handler/src/main/java/io/netty/handler/ssl/SslUtils.java"
},
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4",
"signature_version": "v1",
"id": "CVE-2025-24970-294fa090"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"162836223154286822519253496353188499284",
"238501185824778325453627345215531888854",
"62672348546284849855254185327923350112",
"320518755436094748230072835696608214929",
"179003121674600762513072458184699691939",
"196731808465069326826250163880871164895",
"293768139970147265684483568064234533299",
"130965908581338178125306314952929953915",
"248338465975884435555699957515182847075",
"333028399328314467888469829473538463843",
"87107149554378743346270687220902522077",
"241010605719727007919221410589938074155",
"223201046909084534404342400163692306576",
"258978568152302968701904977486953637627",
"232590064636015548535185188991395605460",
"316275991008523866985873855084387913988",
"286971859537041867608312487328523026957",
"69640216362252378065488793001829424164",
"81778266504181631504650719252689267253",
"150017662555551297681444884776194248364",
"320932067500803612378441545534588179594",
"90948703836096124585039959699072361771",
"66307236719238303910096912021913734331",
"105022341408594805260448965249385112939",
"298975607911669047145762000111150490084",
"291278352054221005315856813849142535206",
"164018156464638368950442439347617538011",
"198612421374880620182625133854328550531",
"332053462910457597059881847874570019327",
"241010605719727007919221410589938074155",
"223201046909084534404342400163692306576"
]
},
"target": {
"file": "handler/src/main/java/io/netty/handler/ssl/SslUtils.java"
},
"signature_type": "Line",
"deprecated": false,
"source": "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4",
"signature_version": "v1",
"id": "CVE-2025-24970-2a3f3972"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"61847757038835109877109668388264418431",
"56798105024475689476437797826150727290",
"244903697137627885139415911912138090441"
]
},
"target": {
"file": "handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java"
},
"signature_type": "Line",
"deprecated": false,
"source": "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4",
"signature_version": "v1",
"id": "CVE-2025-24970-cd0e8eda"
},
{
"digest": {
"function_hash": "194913597819912680929490010766117765141",
"length": 1339.0
},
"target": {
"function": "getEncryptedPacketLength",
"file": "handler/src/main/java/io/netty/handler/ssl/SslUtils.java"
},
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4",
"signature_version": "v1",
"id": "CVE-2025-24970-eb7c333f"
},
{
"digest": {
"function_hash": "261304627989985208892904449465046704902",
"length": 1064.0
},
"target": {
"function": "getEncryptedPacketLength",
"file": "handler/src/main/java/io/netty/handler/ssl/SslUtils.java"
},
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/netty/netty/commit/87f40725155b2f89adfde68c7732f97c153676c4",
"signature_version": "v1",
"id": "CVE-2025-24970-f95553ac"
}
]