CVE Catalog

CVE-2026-49760

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.14%

3th percentile — higher than 3% of all known CVEs

Summary

A stack-based buffer overflow vulnerability in Erlang OTP (erl_interface) allows for stack buffer overflow. The issue occurs in the ei_s_print_term function, which uses an internal 2000-character stack buffer to format terms.

Risk Assessment

Exploitation of this vulnerability may lead to Denial of Service, potentially disrupting the availability of applications using Erlang OTP in affected versions.

Recommendation

It is recommended to upgrade to Erlang OTP versions 27.3.4.13, 28.5.0.2, or 29.0.2 to mitigate this vulnerability.

Original NVD description (English source)

Stack-based Buffer Overflow vulnerability in Erlang OTP (erl_interface) allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erl_interface/src/misc/ei_printterm.c and program routine ei_s_print_term. The C function ei_s_print_term uses an internal 2000-character stack buffer to format terms. When called with an encoded Erlang term containing a very large integer (encoded representation exceeding 2000 characters), the buffer overflows. The overflow bytes are restricted to the ASCII values of 0-9 and A-F, which limits exploitation to Denial of Service. The companion function ei_print_term, which prints directly to a FILE instead of a memory buffer, does not contain this bug. This issue affects OTP from OTP 17.0 before 27.3.4.13, 28.5.0.2 and 29.0.2, corresponding to erl_interface from 3.7.16 before 5.5.2.1, 5.7.0.1 and 5.8.1.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS