PT-2025-37165 · Unknown+5 · Erlang/Otp+5

Ingela Andin +1 · Published 2025-09-11 · Updated 2026-01-09 · CVE-2025-48041

CVSS v4.0: 7.1 (High)

Vector: AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

Erlang OTP versions 17.0 through 28.0.3
Erlang OTP versions 26.2.5.15
Erlang OTP versions 27.3.4.3

Description

An Allocation of Resources Without Limits or Throttling issue exists in the Erlang OTP ssh application (ssh_sftp modules), potentially leading to Excessive Allocation and Flooding. The vulnerability is associated with the ssh_sftpd.erl file.

Recommendations

Update Erlang OTP to a version later than 28.0.3.
Update Erlang OTP to a version later than 26.2.5.15.
Update Erlang OTP to a version later than 27.3.4.3.

Fix

DoS

Resource Exhaustion

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

AZL-67121
AZL-67124
BDU:2025-13918
CVE-2025-48041
DLA-4376-1
GHSA-79C4-CVV7-4QM3
OESA-2026-1030
OESA-2026-1031
OPENSUSE-SU-2025:15740-1
SUSE-SU-2025:3807-1
SUSE-SU-2025:4035-1
SUSE-SU-2025_3807-1
SUSE-SU-2025_4035-1
USN-7831-1

Affected Products

Debian
Erlang/Otp
Linuxmint
Red Os
Suse
Ubuntu