Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update
Red Hat JBoss Enterprise Application Platform 7. 4. 22 addresses multiple security vulnerabilities including denial of service issues in Netty components and an improper RBAC permission in Wildfly. These vulnerabilities can lead to application crashes or unauthorized access control bypass. The update replaces version 7. 4. 21 and includes important security fixes and enhancements. Red Hat has released this update as an important security advisory and recommends applying it after ensuring all previous errata are installed and backing up existing installations.
AI Analysis
Technical Summary
This advisory covers security fixes in Red Hat JBoss Enterprise Application Platform 7.4.22, which updates components such as io.netty/netty-handler, io.netty/netty, netty-common, and org.wildfly.core/wildfly-server. The key vulnerabilities addressed include CVE-2024-47535 and CVE-2025-25193, both denial of service vulnerabilities affecting Windows applications using Netty, CVE-2025-24970 where SslHandler fails to correctly validate packets potentially causing native crashes with native SSLEngine, and CVE-2025-23367 involving improper RBAC permissions in Wildfly. These fixes mitigate risks of service disruption and unauthorized permission escalation. The update is intended for Red Hat JBoss EAP 7.4 on RHEL 8 and replaces the prior 7.4.21 release.
Potential Impact
The vulnerabilities fixed in this update can cause denial of service conditions on Windows applications using Netty, potentially leading to application crashes or service interruptions. The improper RBAC permission vulnerability could allow unauthorized users to gain elevated access within Wildfly, impacting application security. The SslHandler validation flaw may cause native crashes when using native SSLEngine, affecting application stability. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released an official security update in version 7.4.22 of JBoss Enterprise Application Platform that addresses these vulnerabilities. Users should apply this update after confirming all previous relevant errata are installed and backing up their systems. Detailed update instructions are available from Red Hat's official documentation. Since this is not a cloud service, remediation requires manual patching by the user. Patch status is confirmed as fixed in this release.
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update
Description
Red Hat JBoss Enterprise Application Platform 7. 4. 22 addresses multiple security vulnerabilities including denial of service issues in Netty components and an improper RBAC permission in Wildfly. These vulnerabilities can lead to application crashes or unauthorized access control bypass. The update replaces version 7. 4. 21 and includes important security fixes and enhancements. Red Hat has released this update as an important security advisory and recommends applying it after ensuring all previous errata are installed and backing up existing installations.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers security fixes in Red Hat JBoss Enterprise Application Platform 7.4.22, which updates components such as io.netty/netty-handler, io.netty/netty, netty-common, and org.wildfly.core/wildfly-server. The key vulnerabilities addressed include CVE-2024-47535 and CVE-2025-25193, both denial of service vulnerabilities affecting Windows applications using Netty, CVE-2025-24970 where SslHandler fails to correctly validate packets potentially causing native crashes with native SSLEngine, and CVE-2025-23367 involving improper RBAC permissions in Wildfly. These fixes mitigate risks of service disruption and unauthorized permission escalation. The update is intended for Red Hat JBoss EAP 7.4 on RHEL 8 and replaces the prior 7.4.21 release.
Potential Impact
The vulnerabilities fixed in this update can cause denial of service conditions on Windows applications using Netty, potentially leading to application crashes or service interruptions. The improper RBAC permission vulnerability could allow unauthorized users to gain elevated access within Wildfly, impacting application security. The SslHandler validation flaw may cause native crashes when using native SSLEngine, affecting application stability. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released an official security update in version 7.4.22 of JBoss Enterprise Application Platform that addresses these vulnerabilities. Users should apply this update after confirming all previous relevant errata are installed and backing up their systems. Detailed update instructions are available from Red Hat's official documentation. Since this is not a cloud service, remediation requires manual patching by the user. Patch status is confirmed as fixed in this release.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:4549
- Cve Count
- 3
- Additional Cves
- ["CVE-2025-24970","CVE-2025-25193"]
- Cvss Version
- null
Threat ID: 6a1df669e29bf47b50461681
Added to database: 6/1/2026, 9:15:21 PM
Last enriched: 6/1/2026, 9:19:20 PM
Last updated: 6/2/2026, 6:09:42 AM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.