Your submission was sent successfully! Close

CVE-2014-4909

Published: 11 July 2014

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.

Priority

Medium

Status

Package Release Status
transmission
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (2.51-0ubuntu1.4)
saucy
Released (2.82-0ubuntu1.1)
trusty Does not exist
(trusty was released [2.82-1.1ubuntu3.1])
upstream
Released (2.84)
Patches:
upstream: https://trac.transmissionbt.com/changeset/14303