Infinite loop in otp - CVE-2026-54886
Published: July 2, 2026
otp
Detailed vulnerability description
The vulnerability allows a remote user to cause a denial of service.
The vulnerability exists due to an infinite loop in handle_data/4 in ssh_sftpd.erl when processing SSH_MSG_CHANNEL_EXTENDED_DATA on an established SFTP channel. A remote user can send a specially crafted extended data message to cause a denial of service.
The issue affects targeted SFTP channel processes, which become permanently unresponsive while continuing to consume CPU time and accumulate unbounded message queue memory. Opening many channels can amplify the impact.
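The symptoms described above (a channel process that keeps consuming CPU while its message queue grows and never drains) can be checked for on a running node. The module below is an added example, not code from OTP or from this advisory; the module name, the thresholds and the assumption that a looping channel reports a current function in ssh_sftpd are illustrative.

```erlang
-module(sftpd_stall_check).
-export([scan/0, scan/3, suspects/3]).

%% Added example, not OTP code. Thresholds are assumptions; tune per node.
-define(INTERVAL_MS, 2000).       % gap between the two samples
-define(MIN_QUEUE, 100).          % mailbox length worth reporting
-define(MIN_REDUCTIONS, 1000000). % work done during the gap

scan() ->
    scan(?INTERVAL_MS, ?MIN_QUEUE, ?MIN_REDUCTIONS).

scan(IntervalMs, MinQueue, MinReds) ->
    Before = snapshot(),
    timer:sleep(IntervalMs),
    suspects(Before, snapshot(), {MinQueue, MinReds}).

%% Pid => {QueueLen, Reductions, CurrentFunction, MemoryBytes}
snapshot() ->
    Items = [message_queue_len, reductions, current_function, memory],
    lists:foldl(
      fun(Pid, Acc) ->
              case erlang:process_info(Pid, Items) of
                  [{_, Q}, {_, R}, {_, MFA}, {_, Mem}] ->
                      Acc#{Pid => {Q, R, MFA, Mem}};
                  undefined ->          % exited while we were sampling
                      Acc
              end
      end, #{}, erlang:processes()).

%% Busy (reductions climbing) while the mailbox is long and not draining.
suspects(Before, After, {MinQueue, MinReds}) ->
    maps:fold(
      fun(Pid, {Q1, R1, MFA, Mem}, Acc) ->
              case maps:find(Pid, Before) of
                  {ok, {Q0, R0, _, _}}
                    when Q1 >= MinQueue, Q1 >= Q0, R1 - R0 >= MinReds ->
                      [#{pid => Pid, queue_len => Q1, queue_growth => Q1 - Q0,
                         reductions => R1 - R0, memory => Mem,
                         current_function => MFA,
                         in_ssh_sftpd => in_ssh_sftpd(MFA)} | Acc];
                  _ ->
                      Acc
              end
      end, [], After).

%% Hint only: assumes a looping channel reports a function in ssh_sftpd.
in_ssh_sftpd({ssh_sftpd, _, _}) -> true;
in_ssh_sftpd(_) -> false.
```

Calling sftpd_stall_check:scan() from a shell attached to the node returns one map per suspect process; an empty list means no process matched during that sampling window.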