PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-55952 Erlang CVE debrief

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. This vulnerability allows an unauthenticated remote attacker to send a single crafted ClientHello to a TLS 1.3 server with session tickets enabled and permanently disrupt session ticket handling on that listener.

Vendor
Erlang
Product
OTP
CVSS
HIGH 8.2
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-02
Original CVE updated
2026-07-07
Advisory published
2026-07-02
Advisory updated
2026-07-07

Who should care

Users of Erlang/OTP versions from 22.2 before 29.0.3, 28.5.0.3 and 27.3.4.14 corresponding to ssl from 9.5 before 11.7.3, 11.6.0.3 and 11.2.12.10 should be aware of this vulnerability and take necessary actions to mitigate it.

Technical summary

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tls_handshake_1_3:handle_pre_shared_key/3, an OfferedPreSharedKeys record with a mismatched number of identities and binders is forwarded directly to tls_server_session_ticket:use/4, which crashes the session ticket handler process. An unauthenticated remote attacker can send a single crafted ClientHello to a TLS 1.3 server with session tickets enabled (stateful or stateless mode) and permanently disrupt session ticket handling on that listener. New TLS 1.3 handshakes complete but subsequently crash when the server attempts to issue a session ticket, effectively making TLS 1.3 unusable on the affected listener until the ssl application is restarted. TLS 1.2 connections are not affected.

Defensive priority

High

Recommended defensive actions

  • Update Erlang/OTP to version 29.0.3, 28.5.0.3 or 27.3.4.14
  • Update ssl to version 11.7.3, 11.6.0.3 or 11.2.12.10
  • Implement compensating controls such as monitoring and exception tracking
  • Consider disabling session tickets if not required
  • Review and verify affected systems for exposure
  • Track and monitor for potential exploitation attempts
  • Confirm and document remediation efforts

Evidence notes

The CVE record was published on 2026-07-02T17:17:03.067Z and has been modified on 2026-07-07T14:44:47.327Z. The NVD entry is currently Analyzed. This issue affects OTP from 22.2 before 29.0.3, 28.5.0.3 and 27.3.4.14 corresponding to ssl from 9.5 before 11.7.3, 11.6.0.3 and 11.2.12.10. Users should verify their deployments and apply necessary updates or mitigations.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-02T17:17:03.067Z and has not been modified since then. The NVD entry is currently Analyzed.