Mumble: Multiple vulnerabilities

Mumble: Multiple vulnerabilities Multiple vulnerabilities have been found in Mumble, the worst of which could lead to arbitrary code execution. mumble June 06, 2014 June 06, 2014: 1 500486 510380 remote 1.2.6 1.2.6

Mumble is low-latency voice chat software intended for use with gaming.

Multiple vulnerabilities have been discovered in Mumble:

A crafted length prefix value can trigger a heap-based buffer overflow or NULL pointer dereference in the opus_packet_get_samples_per_frame function (CVE-2014-0044)
A crafted packet can trigger an error in the opus_decode_float function, leading to a heap-based buffer overflow (CVE-2014-0045)
A crafted SVG referencing local files can lead to resource exhaustion or hangs (CVE-2014-3755)
Mumble does not properly escape HTML in some external strings before displaying them (CVE-2014-3756)

A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.

There is no known workaround at this time.

All Mumble users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=media-sound/mumble-1.2.6"

CVE-2014-0044 CVE-2014-0045 CVE-2014-3755 CVE-2014-3756 BlueKnight creffett