Overview

File _patchinfo of Package patchinfo.37958

<patchinfo incident="37958">
  <issue tracker="bnc" id="1240390">VUL-0: CVE-2025-30211: erlang,erlang26: KEX init error results with excessive memory usage</issue>
  <issue tracker="bnc" id="1237467">VUL-0: CVE-2025-26618: erlang,erlang26: otp: erlang: SSH SFTP packet size not verified properly in Erlang OTP</issue>
  <issue tracker="bnc" id="1241300">VUL-0: CVE-2025-32433: erlang,erlang26: Unauthenticated Remote Code Execution in Erlang/OTP SSH</issue>
  <issue tracker="cve" id="2025-32433"/>
  <issue tracker="cve" id="2025-30211"/>
  <issue tracker="cve" id="2025-26618"/>
  <packager>simotek</packager>
  <rating>critical</rating>
  <category>security</category>
  <summary>Security update for erlang</summary>
  <description>This update for erlang fixes the following issues:

- CVE-2025-32433: Fixed unauthenticated remote code execution in Erlang/OTP SSH (bsc#1241300)
- CVE-2025-30211: Fixed a bug in KEX init error that could result with an excessive memory usage (bsc#1240390)
- CVE-2025-26618: Fixed SSH SFTP packet size not verified properly in OTP (bsc#1237467)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places