PT-2025-37163 · Ssh+5 · Ssh+5

Ingela Andin

Publicado

2025-09-11

Atualizado

2026-06-05

CVE-2025-48039

CVSS v4.0

5.3

Média

Vetor

AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 28.0.3 Erlang OTP versions 26.2.5.15 through 27.3.4.3 Erlang OTP versions 27.3.4.3 Erlang OTP versions 28.0.3 ssh versions 3.0.1 through 5.3.3 ssh versions 5.1.4.12 ssh versions 5.2.11.3

Description An Allocation of Resources Without Limits or Throttling issue exists in Erlang OTP ssh (ssh sftp modules), potentially leading to Excessive Allocation and Resource Leak Exposure. The issue is associated with the ssh sftpd.erl file.

Recommendations Update Erlang OTP to a version later than 28.0.3. Update ssh to a version later than 5.3.3. Update ssh to a version later than 5.2.11.3. Update ssh to a version later than 5.1.4.12.

Correção

DoS

Allocation of Resources Without Limits

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-770CWE-400

Identificadores relacionados

AZL-67127

AZL-67130

BDU:2025-13916

CVE-2025-48039

DLA-4376-1

GHSA-RR5P-6856-J7H8

OESA-2026-1027

OESA-2026-1028

OESA-2026-1029

OESA-2026-1030

OESA-2026-1031

OESA-2026-1032

OPENSUSE-SU-2026:10947-1

OPENSUSE-SU-2026:20043-1

SUSE-SU-2026:0023-1

SUSE-SU-2026:0661-1

SUSE-SU-2026:20088-1

USN-7831-1

Produtos afetados

Debian

Erlang/Otp

Linuxmint

Red Os

Ubuntu

Ssh

PT-2025-37163 · Ssh+5 · Ssh+5

CVE-2025-48039

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 66