{
	"document":{
		"aggregate_severity":{
			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
			"text":"Medium"
		},
		"category":"csaf_vex",
		"csaf_version":"2.0",
		"distribution":{
			"tlp":{
				"label":"WHITE",
				"url":"https://www.first.org/tlp/"
			}
		},
		"lang":"en",
		"notes":[
			{
				"text":"netty security update",
				"category":"general",
				"title":"Synopsis"
			},
			{
				"text":"An update for netty is now available for openEuler-24.03-LTS-SP2",
				"category":"general",
				"title":"Summary"
			},
			{
				"text":"Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. %package    help Summary:          Documents for  Buildarch:        noarch Requires:         man info Provides:         -javadoc = - Obsoletes:        -javadoc < - %description help Man pages and other related documents for .\n\nSecurity Fix(es):\n\nNetty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\\r) and Line Feed (\\n) characters in user-supplied parameters. The vulnerability exists in io.netty.handler.codec.smtp.DefaultSmtpRequest, where parameters are directly concatenated into the SMTP command string without sanitization. When methods such as SmtpRequests.rcpt(recipient) are called with a malicious string containing CRLF sequences, attackers can inject arbitrary SMTP commands. Because the injected commands are sent from the server's trusted IP address, resulting emails will likely pass SPF and DKIM authentication checks, making them appear legitimate. This allows remote attackers who can control SMTP command parameters (such as email recipients) to forge arbitrary emails from the trusted server, potentially impersonating executives and forging high-stakes corporate communications. This issue has been patched in versions 4.1.129.Final and 4.2.8.Final. No known workarounds exist.(CVE-2025-59419)",
				"category":"general",
				"title":"Description"
			},
			{
				"text":"An update for netty is now available for openEuler-24.03-LTS-SP2.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
				"category":"general",
				"title":"Topic"
			},
			{
				"text":"Medium",
				"category":"general",
				"title":"Severity"
			},
			{
				"text":"netty",
				"category":"general",
				"title":"Affected Component"
			}
		],
		"publisher":{
			"issuing_authority":"openEuler security committee",
			"name":"openEuler",
			"namespace":"https://www.openeuler.org",
			"contact_details":"openeuler-security@openeuler.org",
			"category":"vendor"
		},
		"references":[
			{
				"summary":"openEuler-SA-2025-2546",
				"category":"self",
				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2546"
			},
			{
				"summary":"CVE-2025-59419",
				"category":"self",
				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-59419&packageName=netty"
			},
			{
				"summary":"nvd cve",
				"category":"external",
				"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-59419"
			},
			{
				"summary":"openEuler-SA-2025-2546 vex file",
				"category":"self",
				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openEuler-SA-2025-2546.json"
			}
		],
		"title":"An update for netty is now available for openEuler-24.03-LTS-SP2",
		"tracking":{
			"initial_release_date":"2025-11-06T17:04:01+08:00",
			"revision_history":[
				{
					"date":"2025-11-06T17:04:01+08:00",
					"summary":"Initial",
					"number":"1.0.0"
				}
			],
			"generator":{
				"date":"2025-11-06T17:04:01+08:00",
				"engine":{
					"name":"openEuler CSAF Tool V1.0"
				}
			},
			"current_release_date":"2025-11-06T17:04:01+08:00",
			"id":"openEuler-SA-2025-2546",
			"version":"1.0.0",
			"status":"final"
		}
	},
	"product_tree":{
		"branches":[
			{
				"name":"openEuler",
				"category":"vendor",
				"branches":[
					{
						"name":"openEuler",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2"
									},
									"product_id":"openEuler-24.03-LTS-SP2",
									"name":"openEuler-24.03-LTS-SP2"
								},
								"name":"openEuler-24.03-LTS-SP2",
								"category":"product_version"
							}
						],
						"category":"product_name"
					},
					{
						"name":"aarch64",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2"
									},
									"product_id":"netty-4.1.13-24.oe2403sp2.aarch64.rpm",
									"name":"netty-4.1.13-24.oe2403sp2.aarch64.rpm"
								},
								"name":"netty-4.1.13-24.oe2403sp2.aarch64.rpm",
								"category":"product_version"
							}
						],
						"category":"architecture"
					},
					{
						"name":"src",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2"
									},
									"product_id":"netty-4.1.13-24.oe2403sp2.src.rpm",
									"name":"netty-4.1.13-24.oe2403sp2.src.rpm"
								},
								"name":"netty-4.1.13-24.oe2403sp2.src.rpm",
								"category":"product_version"
							}
						],
						"category":"architecture"
					},
					{
						"name":"x86_64",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2"
									},
									"product_id":"netty-4.1.13-24.oe2403sp2.x86_64.rpm",
									"name":"netty-4.1.13-24.oe2403sp2.x86_64.rpm"
								},
								"name":"netty-4.1.13-24.oe2403sp2.x86_64.rpm",
								"category":"product_version"
							}
						],
						"category":"architecture"
					},
					{
						"name":"noarch",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2"
									},
									"product_id":"netty-help-4.1.13-24.oe2403sp2.noarch.rpm",
									"name":"netty-help-4.1.13-24.oe2403sp2.noarch.rpm"
								},
								"name":"netty-help-4.1.13-24.oe2403sp2.noarch.rpm",
								"category":"product_version"
							}
						],
						"category":"architecture"
					}
				]
			}
		],
		"relationships":[
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP2",
				"product_reference":"netty-4.1.13-24.oe2403sp2.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.aarch64",
					"name":"netty-4.1.13-24.oe2403sp2.aarch64 as a component of openEuler-24.03-LTS-SP2"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP2",
				"product_reference":"netty-4.1.13-24.oe2403sp2.src.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.src",
					"name":"netty-4.1.13-24.oe2403sp2.src as a component of openEuler-24.03-LTS-SP2"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP2",
				"product_reference":"netty-4.1.13-24.oe2403sp2.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.x86_64",
					"name":"netty-4.1.13-24.oe2403sp2.x86_64 as a component of openEuler-24.03-LTS-SP2"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP2",
				"product_reference":"netty-help-4.1.13-24.oe2403sp2.noarch.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP2:netty-help-4.1.13-24.oe2403sp2.noarch",
					"name":"netty-help-4.1.13-24.oe2403sp2.noarch as a component of openEuler-24.03-LTS-SP2"
				},
				"category":"default_component_of"
			}
		]
	},
	"vulnerabilities":[
		{
			"cve":"CVE-2025-59419",
			"notes":[
				{
					"text":"Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\\r) and Line Feed (\\n) characters in user-supplied parameters. The vulnerability exists in io.netty.handler.codec.smtp.DefaultSmtpRequest, where parameters are directly concatenated into the SMTP command string without sanitization. When methods such as SmtpRequests.rcpt(recipient) are called with a malicious string containing CRLF sequences, attackers can inject arbitrary SMTP commands. Because the injected commands are sent from the server's trusted IP address, resulting emails will likely pass SPF and DKIM authentication checks, making them appear legitimate. This allows remote attackers who can control SMTP command parameters (such as email recipients) to forge arbitrary emails from the trusted server, potentially impersonating executives and forging high-stakes corporate communications. This issue has been patched in versions 4.1.129.Final and 4.2.8.Final. No known workarounds exist.",
					"category":"description",
					"title":"Vulnerability Description"
				}
			],
			"product_status":{
				"fixed":[
					"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.aarch64",
					"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.src",
					"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.x86_64",
					"openEuler-24.03-LTS-SP2:netty-help-4.1.13-24.oe2403sp2.noarch"
				]
			},
			"remediations":[
				{
					"product_ids":[
						"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.aarch64",
						"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.src",
						"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.x86_64",
						"openEuler-24.03-LTS-SP2:netty-help-4.1.13-24.oe2403sp2.noarch"
					],
					"details":"netty security update",
					"category":"vendor_fix",
					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2546"
				}
			],
			"scores":[
				{
					"cvss_v3":{
						"baseSeverity":"MEDIUM",
						"baseScore":5.3,
						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
						"version":"3.1"
					},
					"products":[
						"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.aarch64",
						"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.src",
						"openEuler-24.03-LTS-SP2:netty-4.1.13-24.oe2403sp2.x86_64",
						"openEuler-24.03-LTS-SP2:netty-help-4.1.13-24.oe2403sp2.noarch"
					]
				}
			],
			"threats":[
				{
					"details":"Medium",
					"category":"impact"
				}
			],
			"title":"CVE-2025-59419"
		}
	]
}