Vulnerability in Sophos Unified_threat_management

CVE-2014-2537

Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

EPSS: 0.017 (82.9th percentile) — read the EPSS interpretation.

Affected products

Sophos Unified_threat_management — versions 110, 120, 220
Sophos Unified_threat_management_software — versions 8.3, 9.007, 9.107
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

1029920 (vdb-entry, x_refsource_SECTRACK)
57344 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
66231 (vdb-entry, x_refsource_BID)