FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Erlang/OTP -- buffer overflow parsing SCTP ERROR/ABORT chunks

Affected packages
erlang-runtime27 < 27.3.4.13
erlang-runtime28 < 28.5.0.2
erlang-runtime29 < 29.0.2

Details

VuXML ID d87db2a1-64d4-11f1-ab11-4c526214c986
Discovery 2026-06-10
Entry 2026-06-10

https://github.com/erlang/otp/security/advisories/GHSA-6f4f-chj5-5g97 reports:

A buffer overflow error when parsing SCTP ERROR or ABORT chunks has been fixed. This could lead to stack corruption and VM crash, but ultimately with hard work by an attacker be refined into maybe even remote code execution.

[source]

References

CVE Name CVE-2026-49759
URL https://github.com/erlang/otp/security/advisories/GHSA-6f4f-chj5-5g97

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.