Bug 2394521 (CVE-2025-48040)
| Summary: | CVE-2025-48040 erlang: Erlang Excessive Resource Consumption | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | eglynn, jjoyce, jschluet, lhh, lsvaty, mburns, mgarciac, pgrist |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A resource exhaustion flaw has been discovered in the Erlang OTP. Malicious key exchange messages may lead to excessive CPU and memory usage due to overly tolerant handling of data received from unauthenticated users.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2394720, 2394721, 2394722, 2394723 | ||
| Bug Blocks: | |||
|
Description
OSIDB Bzimport
2025-09-11 09:01:15 UTC
|