CVE-2025-48041: 
CBL Mariner vulnerability analysis and mitigation

A resource allocation vulnerability (CVE-2025-48041) was discovered in Erlang OTP's SSH SFTP modules, specifically affecting the SSH_FXP_OPENDIR operation. The vulnerability was disclosed on September 11, 2025, affecting OTP versions from 17.0 up to 28.0.3, 27.3.4.3, and 26.2.5.15, corresponding to SSH versions from 3.0.1 up to 5.3.3, 5.2.11.3, and 5.1.4.12 (EEF Advisory).

The vulnerability stems from the SSH_FXP_OPENDIR operation's handling of file handles in the Erlang Virtual Machine (VM). While the operation creates file handles within the Erlang VM, it does not allocate corresponding OS-level file handles. This bypasses operating system-level limitations on file handle allocation. The vulnerability has been assigned a CVSS v4.0 base score of 7.1 (High), with the vector string CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N, indicating network accessibility with low attack complexity (EEF Advisory).

The vulnerability can lead to resource exhaustion as the list of file handles within the Erlang VM can grow unchecked, potentially affecting system stability. This is particularly concerning as it can impact the availability of the server running the Erlang VM (EEF Advisory, Red Hat).

Temporary workarounds include disabling SFTP or limiting the number of max_sessions allowed for sshd to make exploitation more complicated. For a permanent fix, users should upgrade to the patched versions: OTP 28.0.3, 27.3.4.3, or 26.2.5.15, which correspond to SSH versions 5.3.3, 5.2.11.3, or 5.1.4.12 respectively (EEF Advisory).