IBM Support

PH64741:IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Netty (CVE-2024-47535 CVSS 5.5)

Download


Downloadable File

File link File size File description

Abstract

IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Netty (CVE-2024-47535 CVSS 5.5)

Download Description

PH64741 resolves the following problem:

ERROR DESCRIPTION:
IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Netty (CVE-2024-47535 CVSS 5.5)

PROBLEM SUMMARY:
IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Netty (CVE-2024-47535 CVSS 5.5)

PROBLEM CONCLUSION:
Confidential for CVE-2024-47535.

The fix for this APAR is targeted for inclusion in 25.0.0.2.

For more information, see Recommended Updates for WebSphere Application Server:
https://www.ibm.com/support/pages/node/715553

This fix supersedes (includes) the fix for PH63533

Prerequisites

None

Download Package

 
IMPORTANT NOTE:
WebSphere Application Server and Liberty fix access requires S&S Entitlement beginning in 2021. Use properly registered IDs to download the fixes in this table. 

Signature file is provided along with interim fix. See Verifying WebSphere Application Server release packages and Verifying Liberty release packages.
DOWNLOAD RELEASE DATE SIZE(Bytes)

URL

24.0.0.9-WS-WLP-IFPH64741 27 January 2025 23352965 FC
24.0.0.12-WS-WLP-IFPH64741 27 January 2025 23335157 FC
25.0.0.1-WS-WLP-IFPH64741 27 January 2025 23337705 FC
24009-wlp-archive-IFPH64741 27 January 2025 23287049 FC
25001-wlp-archive-IFPH64741 27 January 2025 23271651 FC
240012-wlp-archive-IFPH64741 27 January 2025 23269104 FC
Note: FC stands for Fix Central. Review the What is Fix Central (FC)? FAQs for more details.

Problems Solved

PH64741, PH63533

On

Technical Support

Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF017","label":"Mac OS"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"24.0.0.12;24.0.0.9;25.0.0.1","Edition":"Base","Line of Business":{"code":"LOB67","label":"IT Automation \u0026 App Modernization"}}]

Document Information

Modified date:
29 January 2025

UID

ibm17181824