Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 734
Alerts This Week
Warning Icon 1 734

Ubuntu 25.10: Netty Important Email Spoofing Vuln USN-7843-1

ubuntu
Calendar Grey October 30, 2025
Dist Ubuntu Esm H88
A critical Netty vulnerability in Ubuntu allows email spoofing from login accounts through crafted input.
Netty could be made to send emails as your login if it received specially crafted input.

Summary

Netty could be made to send emails as your login if it received specially

crafted input.

Software Description:

- netty: Java NIO client/server socket framework

Details:

It was discovered that Netty did not properly handle user input. A remote

attacker could possibly use this issue to forge arbitrary emails from a

trusted server.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  libnetty-java                   1:4.1.48-10ubuntu0.25.10.1

Ubuntu 25.04
  libnetty-java                   1:4.1.48-10ubuntu0.25.04.1

Ubuntu 24.04 LTS
  libnetty-java                   1:4.1.48-9ubuntu0.1~esm2
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  libnetty-java                   1:4.1.48-4+deb11u2ubuntu0.1~esm2
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  libnetty-java                   1:4.1.45-1ubuntu0.1~esm3
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libnetty-java                   1:4.1.7-4ubuntu0.1+esm4
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7843-1

CVE-2025-59419

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7843-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.