Critical Information Disclosure Fix for Erlang in Fedora 43 and 44

Fedora has released important updates for Erlang to address CVE-2026-48855, a vulnerability that allows information disclosure through symlink resolution in SFTP. This flaw affects users of Fedora 43 and 44, with the fix backported by Peter Lemenkov. The CVE was published on June 10, 2026, and the updates were made available on June 13, 2026. Users are advised to upgrade their systems using the 'dnf' update program to mitigate the risk. The vulnerability could potentially expose sensitive information, impacting security for applications relying on Erlang's SSH capabilities. The updates are critical for maintaining system integrity and user privacy.

Key Points: • CVE-2026-48855 allows information disclosure via symlink resolution in SFTP. • Fedora 43 and 44 users are affected; updates were released on June 13, 2026. • Users should apply the patch using the 'dnf' update program to secure their systems.