CVE-2025-26618
Published 2025-02-20
Priority: P3 (35), high; CVSS 4.0 base score 7.0
Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H (threat, environmental and supplemental metrics not defined)
EPSS: 0.46% (36.5th percentile)
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries consisting of the Erlang runtime system and a number of ready-to-use components, mainly written in Erlang. The ssh application does not properly verify the size of SFTP packets. As a result, when multiple SSH packets (each within the maximum SSH packet size) are received by ssh, they may be combined into a single SFTP packet that exceeds the maximum allowed packet size, potentially causing a large amount of memory to be allocated (CWE-789, memory allocation with an excessive size value). This can only happen for successfully authenticated users after the SSH handshake has completed, which is why the CVSS vector carries PR:L: an attacker needs valid credentials on the affected SSH service, and the impact is availability (VA:H) rather than confidentiality or integrity. This issue has been patched in OTP versions 27.2.4, 26.2.5.9, and 25.3.2.18. There are no known workarounds for this vulnerability; the remedy is to upgrade to a patched release.
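The mechanism above, reduced to its framing logic, as an added example that is not code from Erlang/OTP or from this advisory: SFTP packets carry a big-endian uint32 length prefix, and a receiver that buffers SSH channel data until the declared length is satisfied will happily keep buffering across many conforming SSH packets if it never compares that length to a ceiling. The two reassemblers below model the flawed and the hardened behaviour over constructed byte streams; the size limits `MAX_SSH_PACKET` and `MAX_SFTP_PACKET` are assumptions for the demonstration, not OTP's configured values, and the attack stream is constructed here.

```python
import struct

# Constructed ceilings for the demonstration; they are not OTP's configured values.
MAX_SSH_PACKET = 32768        # largest payload of one SSH transport packet
MAX_SFTP_PACKET = 256 * 1024  # largest SFTP packet the application is willing to buffer

SSH_FXP_INIT = 1


class OversizedSftpPacket(ValueError):
    """Raised when an SFTP length prefix exceeds the application ceiling."""


def reassemble_unchecked(chunks):
    """Model of the flawed behaviour: buffer channel data until the declared
    SFTP length is satisfied, never comparing that length to any ceiling.
    Returns (completed_packets, peak_buffer_bytes)."""
    buf = bytearray()
    packets = []
    peak = 0
    for chunk in chunks:
        buf += chunk
        peak = max(peak, len(buf))
        while len(buf) >= 4:
            (length,) = struct.unpack(">I", buf[:4])
            if len(buf) < 4 + length:
                break  # keep buffering; with a huge declared length this never completes
            packets.append(bytes(buf[4:4 + length]))
            del buf[:4 + length]
    return packets, peak


def reassemble_checked(chunks, max_packet=MAX_SFTP_PACKET):
    """Hardened form: reject the packet as soon as its length prefix is known
    to exceed max_packet, before any further channel data is buffered.
    Legitimate packets larger than one SSH packet are still reassembled."""
    buf = bytearray()
    packets = []
    for chunk in chunks:
        buf += chunk
        while len(buf) >= 4:
            (length,) = struct.unpack(">I", buf[:4])
            if length > max_packet:
                raise OversizedSftpPacket(f"declared {length} bytes > limit {max_packet}")
            if len(buf) < 4 + length:
                break
            packets.append(bytes(buf[4:4 + length]))
            del buf[:4 + length]
    return packets


def split_into_ssh_packets(data, size=MAX_SSH_PACKET):
    """Cut an application byte stream into chunks that each fit in one SSH packet."""
    return [data[i:i + size] for i in range(0, len(data), size)]


def benign_stream():
    """Constructed client traffic: an SSH_FXP_INIT (version 3) followed by a
    40 000-byte packet that legitimately spans two SSH packets but stays
    under MAX_SFTP_PACKET."""
    init = struct.pack(">IB", 1 + 4, SSH_FXP_INIT) + struct.pack(">I", 3)
    big = struct.pack(">I", 40_000) + b"\x00" * 40_000
    return split_into_ssh_packets(init + big)


def malicious_stream(ssh_packets=8):
    """Constructed post-authentication traffic: the client declares a
    0xFFFFFFFF-byte SFTP packet, then streams conforming SSH packets.
    A real attacker would keep sending; only a few packets are built here."""
    header = struct.pack(">I", 0xFFFFFFFF)
    return split_into_ssh_packets(header + b"\x00" * (MAX_SSH_PACKET * ssh_packets))


if __name__ == "__main__":
    print("benign packet sizes:", [len(p) for p in reassemble_checked(benign_stream())])
    _, peak = reassemble_unchecked(malicious_stream())
    print("unchecked receiver buffered", peak, "bytes and completed no packet")
    try:
        reassemble_checked(malicious_stream())
    except OversizedSftpPacket as exc:
        print("checked receiver rejected the stream:", exc)
```

The point the check has to get right is that legitimate SFTP packets do span multiple SSH packets, so the fix cannot simply refuse reassembly; it must bound the declared length before committing memory to it, and it must do so on the first four bytes, before the attacker's padding has been buffered.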
Affected (7 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | erlang | < erlang 1:25.2.3+dfsg-1+deb12u1 (bookworm) | erlang 1:25.2.3+dfsg-1+deb12u1 (bookworm) |
| erlang | otp | < OTP-25.3.2.18 | OTP-25.3.2.18 |
| erlang | otp | — | — |
| erlang | otp | — | — |
| msrc | azl3_erlang_26.2.5.6-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_erlang_26.2.5.9-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_erlang_25.2-3_on_cbl_mariner_2.0 | — | — |
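To triage a fleet against the fixed versions named in the advisory (27.2.4, 26.2.5.9 and 25.3.2.18), here is an added example that is not part of this page or of Erlang/OTP: it parses an OTP version string in the `OTP-26.2.5.6` or `26.2.5.6` form and classifies it per release series. The `FIXED_IN` table is taken from the advisory text; the input format is assumed to be the full OTP version (as in the OTP_VERSION file of a release), because a bare major such as `27` cannot be classified and is rejected rather than guessed.

```python
import re

# Fixed versions named in the advisory, keyed by OTP major release.
FIXED_IN = {
    27: (27, 2, 4),
    26: (26, 2, 5, 9),
    25: (25, 3, 2, 18),
}

# Requires at least one dot: a bare major ("27") is not enough to decide.
_VERSION_RE = re.compile(r"^(?:OTP-)?(\d+(?:\.\d+)+)$")


def parse_otp_version(text):
    """Parse 'OTP-26.2.5.6' or '26.2.5.6' into a tuple of ints.
    Raises ValueError for anything else, including bare majors and
    erts or distro package versions, which must not be compared here."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"not a full OTP version string: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def cve_2025_26618_status(version_text):
    """Return 'fixed', 'vulnerable' or 'unknown' for one upstream OTP version.
    Only the three series the advisory names are classified; older series
    get 'unknown' because the advisory says nothing about them."""
    v = parse_otp_version(version_text)
    fixed = FIXED_IN.get(v[0])
    if fixed is None:
        return "unknown"
    # Tuple comparison handles shorter tags: (26, 3) > (26, 2, 5, 9).
    return "fixed" if v >= fixed else "vulnerable"


if __name__ == "__main__":
    # Constructed inventory lines for the demonstration.
    for tag in ["OTP-27.2.4", "27.2.3", "26.2.5.6", "OTP-26.2.5.9", "25.3.2.18", "24.3.4"]:
        print(f"{tag:>14}: {cve_2025_26618_status(tag)}")
```

Two caveats for real use: `erlang:system_info(otp_release)` returns only the major (for example `"27"`), so read the OTP_VERSION file of the release instead; and distribution packages backport fixes under their own version strings, so a Debian `1:25.2.3+dfsg-1+deb12u1` build is fixed per the table above even though upstream 25.2.3 would be classified as vulnerable. Compare distro packages against the distro's fixed version, not against this table.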
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 4.0 | 7.0 | HIGH | CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| osv | — | 7.0 | HIGH | — |
| vendor_debian | — | 7.0 | HIGH | — |
| vendor_msrc | — | 7.0 | HIGH | — |
| vendor_redhat | — | 7.0 | HIGH | — |
Ubuntu
Erlang vulnerability
vendor_ubuntu · 2025-03-03
Summary: Erlang could be made to consume resources if it received specially crafted network traffic.
It was discovered that Erlang incorrectly handled SFTP packet sizes. A remote attacker could possibly use this issue to cause Erlang to consume resources, resulting in a denial of service.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
otp: erlang: SSH SFTP packet size not verified properly in Erlang OTP
vendor_redhat · 2025-02-20 · CVSS 7.0 · HIGH · CWE-789
Microsoft
SSH SFTP packet size not verified properly in Erlang OTP
vendor_msrc · 2025-02-11 · CVSS 7.0 · HIGH · CWE-789
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https:
Debian
CVE-2025-26618: erlang - Erlang is a programming language and runtime system for building massively scala...
vendor_debian · 2025 · CVSS 7.0 · HIGH
OSV
CVE-2025-26618: Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability
osv · 2025-02-20 · CVSS 7.0 · HIGH
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2025-02-20