Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file.
References
Link | Resource |
---|---|
https://github.com/transmission/transmission/commit/2123adf8e5e1c2b48791f9d22fc8c747e974180e | Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/05/msg00022.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/08/msg00001.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CD3GLZ5URIK74RCGLSH72IVLDIJJMLQC/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVAG2HNKNRLWOACFN5F2ANJD2SQ53WI7/ | |
https://security.gentoo.org/glsa/202007-07 | Third Party Advisory |
https://tomrichards.net/2020/05/cve-2018-10756-transmission/ | Exploit Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-05-15T15:56:21
Updated: 2020-08-01T19:06:07
Reserved: 2018-05-05T00:00:00
Link: CVE-2018-10756
JSON object: View
NVD Information
Status : Modified
Published: 2020-05-15T16:15:11.437
Modified: 2023-11-07T02:51:32.217
Link: CVE-2018-10756
JSON object: View
Redhat Information
No data.
CWE