========================================================================== Ubuntu Security Notice USN-7443-2 April 23, 2025
erlang vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 Summary: Erlang could be made to run programs if it received specially crafted network traffic. Software Description: - erlang: Concurrent, real-time, distributed functional language Details: USN-7443-1 fixed a vulnerability in Erlang. This update provides the corresponding update for Ubuntu 25.04. Original advisory details: Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrect handled authentication. A remote attacker could use this issue to execute arbitrary commands without authentication, possibly leading to a system compromise. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 erlang 1:27.3+dfsg-1ubuntu1.1 erlang-ssh 1:27.3+dfsg-1ubuntu1.1 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7443-2 https://ubuntu.com/security/notices/USN-7443-1 CVE-2025-32433 Package Information: https://launchpad.net/ubuntu/+source/erlang/1:27.3+dfsg-1ubuntu1.1
OpenPGP_signature.asc
Description: OpenPGP digital signature
