Ubuntu alert USN-7831-1 (erlang)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7831-1] Erlang vulnerabilities | |
| Date: | Tue, 21 Oct 2025 20:37:29 +0000 | |
| Message-ID: | <E1vBJ6n-0007qH-W9@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-7831-1 October 21, 2025 erlang vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Erlang. Software Description: - erlang: Concurrent, real-time, distributed functional language Details: It was discovered that Erlang incorrectly handled resource allocation and consumption in the SFTP SSH module. An attacker could possibly use this issue cause Erlang to consume excessive resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 erlang 1:27.3.4.1+dfsg-1ubuntu0.1 erlang-ssh 1:27.3.4.1+dfsg-1ubuntu0.1 Ubuntu 25.04 erlang 1:27.3+dfsg-1ubuntu1.3 erlang-ssh 1:27.3+dfsg-1ubuntu1.3 Ubuntu 24.04 LTS erlang 1:25.3.2.8+dfsg-1ubuntu4.5 erlang-ssh 1:25.3.2.8+dfsg-1ubuntu4.5 Ubuntu 22.04 LTS erlang 1:24.2.1+dfsg-1ubuntu0.6 erlang-ssh 1:24.2.1+dfsg-1ubuntu0.6 Ubuntu 20.04 LTS erlang 1:22.2.7+dfsg-1ubuntu0.5+esm1 Available with Ubuntu Pro erlang-ssh 1:22.2.7+dfsg-1ubuntu0.5+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS erlang 1:20.2.2+dfsg-1ubuntu2+esm2 Available with Ubuntu Pro erlang-ssh 1:20.2.2+dfsg-1ubuntu2+esm2 Available with Ubuntu Pro Ubuntu 16.04 LTS erlang 1:18.3-dfsg-1ubuntu3.1+esm2 Available with Ubuntu Pro erlang-ssh 1:18.3-dfsg-1ubuntu3.1+esm2 Available with Ubuntu Pro Ubuntu 14.04 LTS erlang 1:16.b.3-dfsg-1ubuntu2.2+esm1 Available with Ubuntu Pro erlang-ssh 1:16.b.3-dfsg-1ubuntu2.2+esm1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7831-1 CVE-2025-48038, CVE-2025-48039, CVE-2025-48040, CVE-2025-48041 Package Information: https://launchpad.net/ubuntu/+source/erlang/1:27.3.4.1+df... https://launchpad.net/ubuntu/+source/erlang/1:27.3+dfsg-1... https://launchpad.net/ubuntu/+source/erlang/1:25.3.2.8+df... https://launchpad.net/ubuntu/+source/erlang/1:24.2.1+dfsg...
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmj37hYACgkQcpJm3tlz hgHq8Q//QlVILuqJP8b6KzRpd7hSYUqEISB2ottBDUMCEz3c8dHIz97APY+KGiz0 IGzRU1L4dZzg/DXAWNaTXWYRNH1JpsG6OPXSJS642BYPJFz2zGQo2/OlNUOAa/W7 L3HhgTcnddiqnfcYkb6mNh4JKfwGEiVsJ3+VV70k3lCBrj6x2VjEd/hNuQAf3oho bvwMTrGF5awSg4v0+sYA8ObziHZ822szk+fQ8wBb+ez4X3CyzHIdTypbPHQzt4fF uDpe6DHew+sQOnNVOWebztCxToCRJoLRWHzSzVF1kF6ofrYHw0/cPhgMH3D7rjCi rObLYudWZlsOQ3kyNFk6VccJkjuvAX++1pYXfa1RDq3ax9R6ReoB7bJL/sZB3DFS waxntdz9p6lb6Rla0QdOBHG8d8Q3Wv/9irV9az4iN2ggN9qnZXl3jEbj1BsGtHgE weflrndTH6+lPT425yTbYGiRbBCHUvWF8UYygsRsZS9MhYk6Z4wGE84ztrwNZuRq hws2Ra5XaYXzfRYuGRzMh1G9mnC5mFHct11jORpKurDMEPDIafI2uuy+lEO5mzSE G8WXeILugc4sBxtHyJRJVa4yF/PYd39baolh/YHtXOvXck9yghD16b65T1P7zO0Z IEW9RKhVhpCts+bXUkB4UaZeOeYfDbLx8ZtPGBGoUTBjogINB8M= =acD1 -----END PGP SIGNATURE-----