CVE-2014-4909

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
canonicalubuntu_linux
12.04
canonicalubuntu_linux
13.10
canonicalubuntu_linux
14.04
gentoolinux
*
transmissionbttransmission
𝑥
≤ 2.83
transmissionbttransmission
0.1
transmissionbttransmission
0.2
transmissionbttransmission
0.3
transmissionbttransmission
0.4
transmissionbttransmission
0.5
transmissionbttransmission
0.6
transmissionbttransmission
0.6.1
transmissionbttransmission
0.70
transmissionbttransmission
0.71
transmissionbttransmission
0.72
transmissionbttransmission
0.80
transmissionbttransmission
0.81
transmissionbttransmission
0.82
transmissionbttransmission
0.90
transmissionbttransmission
0.91
transmissionbttransmission
0.92
transmissionbttransmission
0.93
transmissionbttransmission
0.94
transmissionbttransmission
0.95
transmissionbttransmission
0.96
transmissionbttransmission
1.00
transmissionbttransmission
1.01
transmissionbttransmission
1.02
transmissionbttransmission
1.2
transmissionbttransmission
1.03
transmissionbttransmission
1.04
transmissionbttransmission
1.05
transmissionbttransmission
1.06
transmissionbttransmission
1.10
transmissionbttransmission
1.11
transmissionbttransmission
1.20
transmissionbttransmission
1.21
transmissionbttransmission
1.22
transmissionbttransmission
1.30
transmissionbttransmission
1.31
transmissionbttransmission
1.32
transmissionbttransmission
1.33
transmissionbttransmission
1.34
transmissionbttransmission
1.40
transmissionbttransmission
1.41
transmissionbttransmission
1.42
transmissionbttransmission
1.50
transmissionbttransmission
1.51
transmissionbttransmission
1.52
transmissionbttransmission
1.53
transmissionbttransmission
1.54
transmissionbttransmission
1.60
transmissionbttransmission
1.61
transmissionbttransmission
1.70
transmissionbttransmission
1.71
transmissionbttransmission
1.72
transmissionbttransmission
1.73
transmissionbttransmission
1.74
transmissionbttransmission
1.75
transmissionbttransmission
1.76
transmissionbttransmission
1.77
transmissionbttransmission
1.80
transmissionbttransmission
1.81
transmissionbttransmission
1.82
transmissionbttransmission
1.83
transmissionbttransmission
1.90
transmissionbttransmission
1.91
transmissionbttransmission
1.92
transmissionbttransmission
1.93
transmissionbttransmission
2.00
transmissionbttransmission
2.01
transmissionbttransmission
2.02
transmissionbttransmission
2.03
transmissionbttransmission
2.04
transmissionbttransmission
2.10
transmissionbttransmission
2.11
transmissionbttransmission
2.12
transmissionbttransmission
2.13
transmissionbttransmission
2.20
transmissionbttransmission
2.21
transmissionbttransmission
2.22
transmissionbttransmission
2.30
transmissionbttransmission
2.31
transmissionbttransmission
2.32
transmissionbttransmission
2.33
transmissionbttransmission
2.40
transmissionbttransmission
2.41
transmissionbttransmission
2.42
transmissionbttransmission
2.50
transmissionbttransmission
2.51
transmissionbttransmission
2.52
transmissionbttransmission
2.60
transmissionbttransmission
2.61
transmissionbttransmission
2.70
transmissionbttransmission
2.71
transmissionbttransmission
2.72
transmissionbttransmission
2.73
transmissionbttransmission
2.74
transmissionbttransmission
2.75
transmissionbttransmission
2.76
transmissionbttransmission
2.77
transmissionbttransmission
2.80
transmissionbttransmission
2.81
transmissionbttransmission
2.82
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
transmission
bullseye
3.00-1
fixed
squeeze
not-affected
bookworm
3.00-2.1+deb12u1
fixed
sid
4.0.6+dfsg-3
fixed
trixie
4.0.6+dfsg-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
transmission
trusty
Fixed 2.82-1.1ubuntu3.1
released
saucy
Fixed 2.82-0ubuntu1.1
released
precise
Fixed 2.51-0ubuntu1.4
released
lucid
ignored
Common Weakness Enumeration
References
http://inertiawar.com/submission.go
http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html
http://lists.opensuse.org/opensuse-updates/2014-08/msg00011.html
http://secunia.com/advisories/59897
http://secunia.com/advisories/60108
http://secunia.com/advisories/60527
http://www.debian.org/security/2014/dsa-2988
http://www.openwall.com/lists/oss-security/2014/07/10/4
http://www.openwall.com/lists/oss-security/2014/07/11/5
http://www.osvdb.org/108997
http://www.securityfocus.com/bid/68487
http://www.ubuntu.com/usn/USN-2279-1
https://bugs.gentoo.org/show_bug.cgi?id=516822
https://bugzilla.redhat.com/show_bug.cgi?id=1118290
https://trac.transmissionbt.com/wiki/Changes#version-2.84
https://twitter.com/benhawkes/statuses/484378151959539712
http://inertiawar.com/submission.go
http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html
http://lists.opensuse.org/opensuse-updates/2014-08/msg00011.html
http://secunia.com/advisories/59897
http://secunia.com/advisories/60108
http://secunia.com/advisories/60527
http://www.debian.org/security/2014/dsa-2988
http://www.openwall.com/lists/oss-security/2014/07/10/4
http://www.openwall.com/lists/oss-security/2014/07/11/5
http://www.osvdb.org/108997
http://www.securityfocus.com/bid/68487
http://www.ubuntu.com/usn/USN-2279-1
https://bugs.gentoo.org/show_bug.cgi?id=516822
https://bugzilla.redhat.com/show_bug.cgi?id=1118290
https://trac.transmissionbt.com/wiki/Changes#version-2.84
https://twitter.com/benhawkes/statuses/484378151959539712