CVE-2014-4909

Published: 11 July 2014

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.

Priority

Medium

Status

Package | Release | Status
transmission | Upstream | Released (2.84)
transmission | Ubuntu 14.04 ESM (Trusty Tahr) | Does not exist (trusty was released [2.82-1.1ubuntu3.1])
Patches:
Upstream: https://trac.transmissionbt.com/changeset/14303