Ubuntu: USN-7831-1 (CVE-2025-48040): Erlang vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Sep 11, 2025 | Oct 22, 2025 | Oct 30, 2025 |
Description
It was discovered that Erlang incorrectly handled resource allocation and
consumption in the SFTP SSH module. An attacker could possibly use this
issue to cause Erlang to consume excessive resources, leading to a denial of
service.
Solutions
- ubuntu-pro-upgrade-erlang
- ubuntu-pro-upgrade-erlang-ssh
References
- CVE-2025-48040
- https://attackerkb.com/topics/CVE-2025-48040
- CWE-400
- CWE-770
- UBUNTU-USN-7831-1
- URL-https://github.com/erlang/otp/security/advisories/GHSA-h7rg-6rjg-4cph
- URL-https://ubuntu.com/security/notices/USN-7831-1
- URL-https://www.cve.org/CVERecord?id=CVE-2025-48040
- URL-https://www.erlang.org/doc/system/versions.html#order-of-versions