Unrated severityNVD Advisory· Published Mar 18, 2014· Updated May 6, 2026

CVE-2014-2537

Description

Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Affected products

Sophos/Unified Threat Management Software4 versions
cpe:2.3:a:sophos:unified_threat_management_software:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:sophos:unified_threat_management_software:*:*:*:*:*:*:*:*range: <=9.108
- cpe:2.3:a:sophos:unified_threat_management_software:8.3:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:unified_threat_management_software:9.007:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:unified_threat_management_software:9.107:*:*:*:*:*:*:*
Sophos/Unified Threat Management7 versions
cpe:2.3:h:sophos:unified_threat_management:110:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:h:sophos:unified_threat_management:110:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:120:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:220:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:320:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:425:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:525:*:*:*:*:*:*:*
- cpe:2.3:h:sophos:unified_threat_management:625:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blogs.sophos.com/2014/02/20/utm-up2date-9-109/nvdPatchVendor Advisory
secunia.com/advisories/57344nvdVendor Advisory
www.securityfocus.com/bid/66231nvd
www.securitytracker.com/id/1029920nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000