Vulnerability in Gentoo Linux
CVE-2014-4909
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers a…
EPSS: 0.092 (92.9th percentile)
Affected products
- Gentoo Linux
- Transmissionbt Transmission — versions 0.1, 0.2, 0.3
- Canonical Ubuntu_linux — versions 12.04, 13.10, 14.04
- Fedoraproject Fedora — version 20
Weakness classification (CWE)
References
- FEDORA-2014-8331 (x_refsource_FEDORA, vendor-advisory)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- [oss-security] 20140710 CVE request: transmission peer communication vulnerability (mailing-list, x_refsource_MLIST)
- 68487 (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_CONFIRM)
- [oss-security] 20140711 Re: CVE request: transmission peer communication vulnerability (mailing-list, x_refsource_MLIST)
- 60108 (x_refsource_SECUNIA, third-party-advisory)
- 60527 (x_refsource_SECUNIA, third-party-advisory)
- 59897 (x_refsource_SECUNIA, third-party-advisory)
- DSA-2988 (vendor-advisory, x_refsource_DEBIAN)