A stack-based buffer overflow flaw was found in the way Transmission, a free, lightweight BitTorrent client, performed connection acknowledgements processing. A remote attacker could issue a specially-crafted request that, when processed would lead to transmission-daemon crash. Upstream ticket: [1] https://trac.transmissionbt.com/ticket/5002 Source of the problem: [2] https://trac.transmissionbt.com/ticket/5002#comment:22 Libutp patches: [3] https://github.com/bittorrent/libutp/issues/38 [4] https://github.com/bittorrent/libutp/issues/37 Relevant transmission upstream patch: [5] https://trac.transmissionbt.com/changeset/13646 Other references: [6] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700234 [7] http://www.openwall.com/lists/oss-security/2013/02/10/2
This issue did NOT affect the versions of the transmission package, as shipped with Fedora release of 17 and 18 (they contain 2.76 upstream based versions already, which is not vulnerable to this problem any more). -- This issue affects the version of the transmission package, as shipped with Fedora release of 16. Please schedule an update. -- This issue did NOT affect the versions of the transmission package, as shipped with Fedora EPEL 5 and Fedora EPEL 6 (they don't contain the relevant code part yet).
Created transmission tracking bugs for this issue Affects: fedora-16 [bug 909939]
Follow-up on the CVE request: http://www.openwall.com/lists/oss-security/2013/02/11/4
EOL is tomorrow
CVE identifier of CVE-2012-6129 has been assigned to this issue: http://www.openwall.com/lists/oss-security/2013/02/13/1