Explore top 10 tips to secure your open-source projects now. Read More
×
## This update for netty, netty-tcnative fixes the following issue This update for netty, netty-tcnative fixes the following issues Upgrade netty to upstream version 4.1.135, netty-tcnative to upstream version 2.0.79: * CVE-2026-44249: IPv6 Subnet Filter Bypass via Incorrect Comparator Masking (bsc#1268165). * CVE-2026-44250: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested Arrays (bsc#1268169). * CVE-2026-44890: Unbounded Direct Memory Consumption in RedisDecoder (bsc#1268170). * CVE-2026-44893: netty-codec-haproxy: Denial of Service via malformed HAProxy message (bsc#1268244). * CVE-2026-45416: SNI handler pre-allocates up to 16 MiB from nine attacker bytes (bsc#1268246). * CVE-2026-45536: Unix-socket fd receive leaks descriptors when peer sends two at once (bsc#1268247).
* bsc#1268165
* bsc#1268169
* bsc#1268170
* bsc#1268244
* bsc#1268246
* bsc#1268247
* bsc#1268248
* bsc#1268249
* bsc#1268250
* bsc#1268251
* bsc#1268252
* bsc#1268255
* bsc#1268257
* bsc#1268258
* bsc#1268259
* bsc#1268260
* bsc#1268261
* bsc#1268262
Cross-
* CVE-2026-44249
* CVE-2026-44250
* CVE-2026-44890
* CVE-2026-44893
* CVE-2026-45416
* CVE-2026-45536
* CVE-2026-45673
* CVE-2026-45674
* CVE-2026-46340
* CVE-2026-47244
* CVE-2026-47691
* CVE-2026-48006
* CVE-2026-48043
* CVE-2026-48059
* CVE-2026-50010
* CVE-2026-50011
* CVE-2026-50020
* CVE-2026-50560
CVSS scores:
* CVE-2026-44249 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-44249 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Get the latest Linux and open source security news straight to your inbox.