
ubuntu
April 2, 2026
Undertow in Ubuntu allows unintended session access over the network, requiring immediate updates to mitigate risk.
Undertow would allow unintended access to user sessions over the network.

Summary

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary: Undertow would allow unintended access to user sessions over the network.

Software Description:

- undertow: Java web server based on non-blocking IO

Details: It was discovered that Undertow incorrectly validated the Host header in incoming HTTP requests. A remote attacker could possibly use this issue to gain unintended access to user sessions.

Update Instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  libundertow-java 2.3.8-2ubuntu0.1~esm1 (Available with Ubuntu Pro)

Ubuntu 22.04 LTS
  libundertow-java 2.2.16-1ubuntu0.1~esm1 (Available with Ubuntu Pro)

Ubuntu 20.04 LTS
  libundertow-java 2.0.29-1ubuntu0.1~esm1 (Available with Ubuntu Pro)

Ubuntu 18.04 LTS
  libundertow-java 1.4.23-3ubuntu0.1~esm1 (Available with Ubuntu Pro)

Ubuntu 16.04 LTS
  libundertow-java 1.3.16-1ubuntu0.1~esm1 (Available with Ubuntu Pro)

In general, a standard system update will make all the necessary changes.
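To confirm a host is at or above the fixed version listed above, the following added example (not part of the Ubuntu notice) compares an installed libundertow-java version against the table using Debian version ordering, where `~esm1` sorts before the bare version and numeric runs compare as numbers. The comparison is a simplified reimplementation of dpkg's ordering, and the function names are chosen for this illustration.

```python
import re
from itertools import zip_longest

# Fixed libundertow-java versions per Ubuntu release, copied from this notice.
FIXED = {
    "24.04": "2.3.8-2ubuntu0.1~esm1",
    "22.04": "2.2.16-1ubuntu0.1~esm1",
    "20.04": "2.0.29-1ubuntu0.1~esm1",
    "18.04": "1.4.23-3ubuntu0.1~esm1",
    "16.04": "1.3.16-1ubuntu0.1~esm1",
}

def _order(c):
    # Debian ordering: '~' sorts before everything, even the end of the string;
    # letters sort before other punctuation.
    if c == "~":
        return -1
    if c == "":
        return 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    # Walk alternating non-digit / digit runs, the way dpkg compares versions.
    ta, tb = re.findall(r"(\D*)(\d*)", a), re.findall(r"(\D*)(\d*)", b)
    for (sa, da), (sb, db) in zip_longest(ta, tb, fillvalue=("", "")):
        for i in range(max(len(sa), len(sb))):
            d = _order(sa[i:i + 1]) - _order(sb[i:i + 1])
            if d:
                return d
        d = int(da or 0) - int(db or 0)  # digit runs compare numerically
        if d:
            return d
    return 0

def _split(v):
    # [epoch:]upstream[-revision]
    epoch, sep, rest = v.partition(":")
    if not sep:
        epoch, rest = "0", v
    upstream, sep, rev = rest.rpartition("-")
    if not sep:
        upstream, rev = rest, ""
    return int(epoch), upstream, rev

def deb_cmp(v1, v2):
    (e1, u1, r1), (e2, u2, r2) = _split(v1), _split(v2)
    return (e1 - e2) or _cmp_part(u1, u2) or _cmp_part(r1, r2)

def is_fixed(release, installed):
    # True when the installed version is at or above the notice's fixed version.
    return deb_cmp(installed, FIXED[release]) >= 0
```

The installed version can be read with `dpkg-query -W -f='${Version}' libundertow-java` and passed to `is_fixed` together with the release number, for example `is_fixed("22.04", version)`.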

References

https://ubuntu.com/security/notices/USN-8144-1

CVE-2025-12543

Severity
important

Ubuntu Security Notice USN-8144-1
