CVE-2025-32433

Publication date 16 April 2025

Last updated 17 April 2025

Ubuntu priority

Why this priority?

Unauthenticated Remote Code Execution in Erlang/OTP SSH

Why is this CVE high priority?

unauthenticated remote code execution (RCE)

Learn more about Ubuntu priority

Status

Show unmaintained releases

Package	Ubuntu Release	Status
erlang	24.10 oracular	Fixed 1:25.3.2.12+dfsg-1ubuntu2.3
	24.04 LTS noble	Fixed 1:25.3.2.8+dfsg-1ubuntu4.3
	22.04 LTS jammy	Fixed 1:24.2.1+dfsg-1ubuntu0.4
	20.04 LTS focal	Fixed 1:22.2.7+dfsg-1ubuntu0.5
	18.04 LTS bionic	Needs evaluation
	16.04 LTS xenial	Needs evaluation
	14.04 LTS trusty	Needs evaluation

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
erlang	Upstream: 6eef041 Upstream: 0fcd9c5

References

Related Ubuntu Security Notices (USN)

USN-7443-1
Erlang vulnerability
17 April 2025

Other references