========================================================================== Ubuntu Security Notice USN-7425-1 April 08, 2025
erlang vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Erlang could be made to consume large amount of memory. Software Description: - erlang: Concurrent, real-time, distributed functional language Details: It was discovered that Erlang OTP's SSH module did not limit the size of certain data in initialization messages. An attacker could possibly use this issue to consume large amount of memory leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 erlang 1:25.3.2.12+dfsg-1ubuntu2.2 erlang-ssh 1:25.3.2.12+dfsg-1ubuntu2.2 Ubuntu 24.04 LTS erlang 1:25.3.2.8+dfsg-1ubuntu4.2 erlang-ssh 1:25.3.2.8+dfsg-1ubuntu4.2 Ubuntu 22.04 LTS erlang 1:24.2.1+dfsg-1ubuntu0.3 erlang-ssh 1:24.2.1+dfsg-1ubuntu0.3 Ubuntu 20.04 LTS erlang 1:22.2.7+dfsg-1ubuntu0.4 erlang-ssh 1:22.2.7+dfsg-1ubuntu0.4 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7425-1 CVE-2025-30211 Package Information: https://launchpad.net/ubuntu/+source/erlang/1:25.3.2.12+dfsg-1ubuntu2.2 https://launchpad.net/ubuntu/+source/erlang/1:25.3.2.8+dfsg-1ubuntu4.2 https://launchpad.net/ubuntu/+source/erlang/1:24.2.1+dfsg-1ubuntu0.3 https://launchpad.net/ubuntu/+source/erlang/1:22.2.7+dfsg-1ubuntu0.4
OpenPGP_signature.asc
Description: OpenPGP digital signature
