ALT-PU-2014-2040-1
Package transmission updated to version 2.84-alt1 for branch sisyphus in task 128596.
Closed vulnerabilities
Published: 2014-07-29
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-4909
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
Severity: MEDIUM (6.8)
References:
- http://inertiawar.com/submission.go
- http://inertiawar.com/submission.go
- FEDORA-2014-8331
- FEDORA-2014-8331
- openSUSE-SU-2014:0980
- openSUSE-SU-2014:0980
- 59897
- 59897
- 60108
- 60108
- 60527
- 60527
- DSA-2988
- DSA-2988
- [oss-security] 20140710 CVE request: transmission peer communication vulnerability
- [oss-security] 20140710 CVE request: transmission peer communication vulnerability
- [oss-security] 20140711 Re: CVE request: transmission peer communication vulnerability
- [oss-security] 20140711 Re: CVE request: transmission peer communication vulnerability
- 108997
- 108997
- 68487
- 68487
- USN-2279-1
- USN-2279-1
- https://bugs.gentoo.org/show_bug.cgi?id=516822
- https://bugs.gentoo.org/show_bug.cgi?id=516822
- https://bugzilla.redhat.com/show_bug.cgi?id=1118290
- https://bugzilla.redhat.com/show_bug.cgi?id=1118290
- https://trac.transmissionbt.com/wiki/Changes#version-2.84
- https://trac.transmissionbt.com/wiki/Changes#version-2.84
- https://twitter.com/benhawkes/statuses/484378151959539712
- https://twitter.com/benhawkes/statuses/484378151959539712