CVE-2026-55952
Awaiting Analysis Awaiting Analysis - Queue

Buffer Overflow in Erlang OTP SSL Application

Vulnerability report for CVE-2026-55952, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-02

Last updated on: 2026-07-02

Assigner: EEF

Description

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tls_handshake_1_3:handle_pre_shared_key/3, an OfferedPreSharedKeys record with a mismatched number of identities and binders is forwarded directly to tls_server_session_ticket:use/4, which crashes the session ticket handler process. An unauthenticated remote attacker can send a single crafted ClientHello to a TLS 1.3 server with session tickets enabled (stateful or stateless mode) and permanently disrupt session ticket handling on that listener. New TLS 1.3 handshakes complete but subsequently crash when the server attempts to issue a session ticket, effectively making TLS 1.3 unusable on the affected listener until the ssl application is restarted. TLS 1.2 connections are not affected. This issue affects OTP from 22.2 before 29.0.3, 28.5.0.3 and 27.3.4.14 corresponding to ssl from 9.5 before 11.7.3, 11.6.0.3 and 11.2.12.10.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-02
Last Modified
2026-07-02
Generated
2026-07-03
AI Q&A
2026-07-02
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 9 associated CPEs
Vendor Product Version / Range
erlang ssl to 11.7.3 (exc)
erlang ssl to 11.6.0.3 (exc)
erlang ssl to 11.2.12.10 (exc)
erlang otp From 22.2 (inc) to 29.0.3 (exc)
erlang otp 28.5.0.3
erlang otp 27.3.4.14
erlang ssl From 9.5 (inc) to 11.7.3 (exc)
erlang ssl 11.6.0.3
erlang ssl 11.2.12.10

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1284 The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-55952 is a high-severity Denial-of-Service (DoS) vulnerability in the Erlang/OTP ssl application affecting TLS 1.3 servers. The vulnerability arises because the server does not validate that the Pre-Shared Key (PSK) identity list and binder list in a TLS 1.3 ClientHello message have equal lengths before processing them. When these lists are mismatched, the session ticket handler process crashes.

An unauthenticated remote attacker can exploit this by sending a single crafted ClientHello message with mismatched PSK identity and binder list lengths to a TLS 1.3 server with session tickets enabled. This causes the session ticket handler to crash, disrupting session ticket handling on that listener.

While new TLS 1.3 handshakes complete successfully, they fail when the server attempts to issue a session ticket, effectively making TLS 1.3 unusable on the affected listener until the ssl application is restarted. TLS 1.2 connections are not affected by this issue.

Impact Analysis

This vulnerability can cause a Denial-of-Service (DoS) condition on TLS 1.3 servers using Erlang/OTP ssl with session tickets enabled. An attacker can send a single malicious ClientHello message that crashes the session ticket handler process.

As a result, while TLS 1.3 handshakes may initially succeed, the server will crash when trying to issue session tickets, rendering TLS 1.3 connections unusable on the affected listener until the ssl application or listener is restarted.

This disruption can lead to service unavailability or degraded security posture for applications relying on TLS 1.3, potentially impacting users and services dependent on secure communications.

Detection Guidance

This vulnerability can be detected by monitoring TLS 1.3 server logs for crashes or disruptions in session ticket handling, especially after receiving ClientHello messages with malformed Pre-Shared Key (PSK) extensions where the identity list and binder list lengths do not match.

Since the issue causes the session ticket handler process to crash upon receiving a crafted ClientHello, detection can involve observing repeated TLS 1.3 handshake failures or server-side process crashes related to session ticket issuance.

There are no specific commands provided in the available resources to detect this vulnerability directly on the network or system.

Mitigation Strategies

Immediate mitigation steps include applying the available patches that add validation checks to ensure the PSK identity list and binder list lengths match during the TLS 1.3 handshake.

If patching is not immediately possible, a workaround is to disable session tickets in the server's ssl options or restrict the server to use TLS 1.2, which is not affected by this vulnerability.

Restarting the ssl application or affected listeners after a crash can temporarily restore TLS 1.3 functionality until a patch is applied.

Compliance Impact

The vulnerability causes a denial-of-service condition on TLS 1.3 servers by crashing the session ticket handler process when processing malformed ClientHello messages with mismatched PSK identity and binder lists.

This disruption affects the availability of TLS 1.3 connections on the affected listener until the ssl application is restarted, potentially impacting the reliability and availability of secure communications.

While the vulnerability does not directly disclose data or compromise confidentiality or integrity, the denial-of-service impact could affect compliance with standards like GDPR and HIPAA that require maintaining availability and secure communication channels.

Organizations relying on Erlang/OTP TLS 1.3 servers with session tickets enabled should consider this risk in their compliance posture and apply patches or mitigations to maintain continuous secure service availability.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-55952. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart