PT-2025-13543 · Ericsson+6 · Erlang/Otp+6

Published: 2025-03-28 · Updated: 2025-05-09 · CVE-2025-30211

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

Erlang/OTP versions prior to 27.3.1
Erlang/OTP versions prior to 26.2.5.10
Erlang/OTP versions prior to 25.3.2.19
Description

A maliciously formed KEX init message can cause high memory usage because the implementation does not verify the RFC-specified limits on the algorithm names supplied in the KEX init message. This can lead to inefficient processing of the error data and a large amount of memory being allocated to process the malicious input.
Recommendations

For versions prior to 27.3.1, update to version 27.3.1 or later.
For versions prior to 26.2.5.10, update to version 26.2.5.10 or later.
For versions prior to 25.3.2.19, update to version 25.3.2.19 or later.
As a temporary workaround, consider setting the parallel_login option to false and/or reducing the max_sessions option to minimize the risk of exploitation.

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

AZL-59350
AZL-59358
BDU:2025-05984
CVE-2025-30211
DLA-4132-1
DSA-5906-1
GHSA-VVR3-FJHH-CFWC
OESA-2025-1363
OESA-2025-1364
OESA-2025-1490
OESA-2025-1491
OESA-2025-1492
OPENSUSE-SU-2025_1356-1
SUSE-SU-2025:1356-1
SUSE-SU-2025_1356-1
USN-7425-1

Affected Products

Astra Linux
Debian
Erlang/Otp
Linuxmint
Red Os
Suse
Ubuntu