摘要:
erlang security update
安全等级: Critical
公告ID: KylinSec-SA-2025-2559
发布日期: 2025年7月4日
关联CVE: CVE-2025-32433
安全修复项:
Erlang/OTP 是一套 Erlang 编程语言的库集合。在 OTP-27.3.3、OTP-26.2.5.11 和 OTP-25.3.2.20 之前的版本中,SSH 服务器可能存在漏洞,允许攻击者执行未经验证的远程代码执行(RCE)。通过利用 SSH 协议消息处理中的缺陷,恶意攻击者可以在没有有效凭证的情况下获取对受影响系统的未授权访问并执行任意命令。此问题已在 OTP-27.3.3、OTP-26.2.5.11 和 OTP-25.3.2.20 版本中修复。临时解决方案包括禁用 SSH 服务器或通过防火墙规则限制访问。(CVE-2025-32433)
cve名称 | 产品 | 组件 | 是否受影响 |
---|---|---|---|
CVE-2025-32433 | KY3.4-5 | erlang | Fixed |
CVE-2025-32433 | KY3.5.3 | erlang | Fixed |
CVE-2025-32433 | V6 | erlang | Fixed |
软件名称 | 架构 | 版本号 |
---|---|---|
erlang | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-asn1 | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-common_test | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-compiler | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-crypto | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-dialyzer | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-diameter | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-edoc | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-eldap | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-erl_docgen | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-erl_interface | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-erts | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-et | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-eunit | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-examples | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-ftp | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-hipe | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-inets | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-jinterface | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-kernel | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-megaco | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-mnesia | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-observer | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-odbc | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-os_mon | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-otp_mibs | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-parsetools | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-public_key | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-reltool | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-runtime_tools | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-sasl | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-snmp | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-ssh | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-ssl | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-stdlib | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-syntax_tools | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-tftp | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-tools | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-wx | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang-xmerl | x86_64 | 21.3.3-6.kb1.ky3_4 |
erlang | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-asn1 | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-common_test | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-compiler | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-crypto | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-dialyzer | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-diameter | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-edoc | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-eldap | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-erl_docgen | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-erl_interface | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-erts | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-et | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-eunit | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-examples | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-ftp | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-hipe | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-inets | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-jinterface | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-kernel | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-megaco | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-mnesia | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-observer | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-odbc | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-os_mon | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-otp_mibs | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-parsetools | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-public_key | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-reltool | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-runtime_tools | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-sasl | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-snmp | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-ssh | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-ssl | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-stdlib | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-syntax_tools | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-tftp | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-tools | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-wx | aarch64 | 21.3.3-6.kb1.ky3_4 |
erlang-xmerl | aarch64 | 21.3.3-6.kb1.ky3_4 |
软件名称 | 架构 | 版本号 |
---|---|---|
erlang | x86_64 | 25.3.2.6-7.ks6 |
erlang-asn1 | x86_64 | 25.3.2.6-7.ks6 |
erlang-common_test | x86_64 | 25.3.2.6-7.ks6 |
erlang-compiler | x86_64 | 25.3.2.6-7.ks6 |
erlang-crypto | x86_64 | 25.3.2.6-7.ks6 |
erlang-dialyzer | x86_64 | 25.3.2.6-7.ks6 |
erlang-diameter | x86_64 | 25.3.2.6-7.ks6 |
erlang-edoc | x86_64 | 25.3.2.6-7.ks6 |
erlang-eldap | x86_64 | 25.3.2.6-7.ks6 |
erlang-erl_docgen | x86_64 | 25.3.2.6-7.ks6 |
erlang-erl_interface | x86_64 | 25.3.2.6-7.ks6 |
erlang-erts | x86_64 | 25.3.2.6-7.ks6 |
erlang-et | x86_64 | 25.3.2.6-7.ks6 |
erlang-eunit | x86_64 | 25.3.2.6-7.ks6 |
erlang-examples | x86_64 | 25.3.2.6-7.ks6 |
erlang-ftp | x86_64 | 25.3.2.6-7.ks6 |
erlang-inets | x86_64 | 25.3.2.6-7.ks6 |
erlang-jinterface | x86_64 | 25.3.2.6-7.ks6 |
erlang-kernel | x86_64 | 25.3.2.6-7.ks6 |
erlang-megaco | x86_64 | 25.3.2.6-7.ks6 |
erlang-mnesia | x86_64 | 25.3.2.6-7.ks6 |
erlang-observer | x86_64 | 25.3.2.6-7.ks6 |
erlang-odbc | x86_64 | 25.3.2.6-7.ks6 |
erlang-os_mon | x86_64 | 25.3.2.6-7.ks6 |
erlang-parsetools | x86_64 | 25.3.2.6-7.ks6 |
erlang-public_key | x86_64 | 25.3.2.6-7.ks6 |
erlang-reltool | x86_64 | 25.3.2.6-7.ks6 |
erlang-runtime_tools | x86_64 | 25.3.2.6-7.ks6 |
erlang-sasl | x86_64 | 25.3.2.6-7.ks6 |
erlang-snmp | x86_64 | 25.3.2.6-7.ks6 |
erlang-src | x86_64 | 25.3.2.6-7.ks6 |
erlang-ssh | x86_64 | 25.3.2.6-7.ks6 |
erlang-ssl | x86_64 | 25.3.2.6-7.ks6 |
erlang-stdlib | x86_64 | 25.3.2.6-7.ks6 |
erlang-syntax_tools | x86_64 | 25.3.2.6-7.ks6 |
erlang-tftp | x86_64 | 25.3.2.6-7.ks6 |
erlang-tools | x86_64 | 25.3.2.6-7.ks6 |
erlang-wx | x86_64 | 25.3.2.6-7.ks6 |
erlang-xmerl | x86_64 | 25.3.2.6-7.ks6 |
erlang | aarch64 | 25.3.2.6-7.ks6 |
erlang-asn1 | aarch64 | 25.3.2.6-7.ks6 |
erlang-common_test | aarch64 | 25.3.2.6-7.ks6 |
erlang-compiler | aarch64 | 25.3.2.6-7.ks6 |
erlang-crypto | aarch64 | 25.3.2.6-7.ks6 |
erlang-dialyzer | aarch64 | 25.3.2.6-7.ks6 |
erlang-diameter | aarch64 | 25.3.2.6-7.ks6 |
erlang-edoc | aarch64 | 25.3.2.6-7.ks6 |
erlang-eldap | aarch64 | 25.3.2.6-7.ks6 |
erlang-erl_docgen | aarch64 | 25.3.2.6-7.ks6 |
erlang-erl_interface | aarch64 | 25.3.2.6-7.ks6 |
erlang-erts | aarch64 | 25.3.2.6-7.ks6 |
erlang-et | aarch64 | 25.3.2.6-7.ks6 |
erlang-eunit | aarch64 | 25.3.2.6-7.ks6 |
erlang-examples | aarch64 | 25.3.2.6-7.ks6 |
erlang-ftp | aarch64 | 25.3.2.6-7.ks6 |
erlang-inets | aarch64 | 25.3.2.6-7.ks6 |
erlang-jinterface | aarch64 | 25.3.2.6-7.ks6 |
erlang-kernel | aarch64 | 25.3.2.6-7.ks6 |
erlang-megaco | aarch64 | 25.3.2.6-7.ks6 |
erlang-mnesia | aarch64 | 25.3.2.6-7.ks6 |
erlang-observer | aarch64 | 25.3.2.6-7.ks6 |
erlang-odbc | aarch64 | 25.3.2.6-7.ks6 |
erlang-os_mon | aarch64 | 25.3.2.6-7.ks6 |
erlang-parsetools | aarch64 | 25.3.2.6-7.ks6 |
erlang-public_key | aarch64 | 25.3.2.6-7.ks6 |
erlang-reltool | aarch64 | 25.3.2.6-7.ks6 |
erlang-runtime_tools | aarch64 | 25.3.2.6-7.ks6 |
erlang-sasl | aarch64 | 25.3.2.6-7.ks6 |
erlang-snmp | aarch64 | 25.3.2.6-7.ks6 |
erlang-src | aarch64 | 25.3.2.6-7.ks6 |
erlang-ssh | aarch64 | 25.3.2.6-7.ks6 |
erlang-ssl | aarch64 | 25.3.2.6-7.ks6 |
erlang-stdlib | aarch64 | 25.3.2.6-7.ks6 |
erlang-syntax_tools | aarch64 | 25.3.2.6-7.ks6 |
erlang-tftp | aarch64 | 25.3.2.6-7.ks6 |
erlang-tools | aarch64 | 25.3.2.6-7.ks6 |
erlang-wx | aarch64 | 25.3.2.6-7.ks6 |
erlang-xmerl | aarch64 | 25.3.2.6-7.ks6 |
软件名称 | 架构 | 版本号 |
---|---|---|
erlang | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-asn1 | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-common_test | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-compiler | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-crypto | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-dialyzer | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-diameter | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-edoc | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-eldap | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-erl_docgen | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-erl_interface | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-erts | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-et | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-eunit | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-examples | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-ftp | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-hipe | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-inets | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-jinterface | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-kernel | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-megaco | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-mnesia | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-observer | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-odbc | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-os_mon | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-parsetools | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-public_key | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-reltool | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-runtime_tools | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-sasl | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-snmp | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-ssh | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-ssl | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-stdlib | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-syntax_tools | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-tftp | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-tools | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-wx | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-xmerl | x86_64 | 23.3.4.9-6.ky3_5.kb1 |
erlang | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-asn1 | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-common_test | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-compiler | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-crypto | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-dialyzer | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-diameter | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-edoc | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-eldap | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-erl_docgen | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-erl_interface | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-erts | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-et | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-eunit | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-examples | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-ftp | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-hipe | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-inets | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-jinterface | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-kernel | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-megaco | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-mnesia | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-observer | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-odbc | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-os_mon | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-parsetools | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-public_key | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-reltool | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-runtime_tools | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-sasl | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-snmp | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-ssh | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-ssl | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-stdlib | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-syntax_tools | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-tftp | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-tools | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-wx | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
erlang-xmerl | aarch64 | 23.3.4.9-6.ky3_5.kb1 |
方法一:下载安装包进行升级安装
1、通过下载链接下载需要升级的升级包保存,如 xxx.rpm
2、通过rpm命令升级,如 rpm -Uvh xxx.rpm
方法二:通过软件源进行升级安装
1、保持能够连接上互联网
2、通过yum命令升级指定的包,如 yum install 包名