Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 522
Alerts This Week
Warning Icon 1 522

Mageia 10 Erlang Important SFTP Info Leak Vuln 2026-0270

mageia
Calendar Grey July 19, 2026
Scroller Mageia
Critical update for Mageia addressing sensitive SFTP leak issues in Erlang packages. Immediate action recommended to secure systems.
Security update

Summary

Description: The updated packages fix a security vulnerability: SFTP READLINK response leaks absolute backend filesystem path when root is configured. (CVE-2026-48855)

References

- https://bugs.mageia.org/show_bug.cgi?id=35839

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O2CL6CSAYWT3KK6GLRNIWD7YDNMWHJ4N/

- https://github.com/erlang/otp/security/advisories/GHSA-pv7g-pjrq-x2fh

- https://cna.erlef.org/cves/CVE-2026-48855.html

- https://osv.dev/vulnerability/EEF-CVE-2026-48855

- https://www.cve.org/CVERecord?id=CVE-2026-48855

Resolution

SRPMS

- 10/core/erlang-27.3.4.13-1.mga10

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 19 Jul 2026 
URL: https://advisories.mageia.org/MGASA-2026-0270.html
Type: security
CVE: CVE-2026-48855

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.