Red Hat Bugzilla – Bug 909934
CVE-2012-6129 transmission: Stack-based buffer overflow (DoS) when processing acknowledgements
Last modified: 2016-03-04 06:22:37 EST
A stack-based buffer overflow flaw was found in the way Transmission, a free, lightweight BitTorrent client, performed connection acknowledgements processing. A remote attacker could issue a specially-crafted request that, when processed would lead to transmission-daemon crash.
Source of the problem:
Relevant transmission upstream patch:
This issue did NOT affect the versions of the transmission package, as shipped with Fedora release of 17 and 18 (they contain 2.76 upstream based versions already, which is not vulnerable to this problem any more).
This issue affects the version of the transmission package, as shipped with Fedora release of 16. Please schedule an update.
This issue did NOT affect the versions of the transmission package, as shipped with Fedora EPEL 5 and Fedora EPEL 6 (they don't contain the relevant code part yet).
Created transmission tracking bugs for this issue
Affects: fedora-16 [bug 909939]
Follow-up on the CVE request:
EOL is tomorrow
CVE identifier of CVE-2012-6129 has been assigned to this issue: