PT-2014-1786 · Mumble

Published: 2014-02-08 · Updated: 2024-06-15 · CVE-2014-0045

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Mumble versions 1.1 through 1.2.4
Mumble for iOS versions 1.1 through 1.2.2
MumbleKit versions prior to commit fd190328a9b24d37382b269a5674b0c0c7a7e36d

Description

The issue concerns multiple vulnerabilities in the Mumble package of the Debian GNU/Linux operating system, which can lead to breaches of confidentiality, integrity, and availability of protected information. Exploitation can be carried out remotely. Specifically, the needSamples method in AudioOutputSpeech.cpp does not check the return value of the opus_decode_float function, allowing remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Opus voice packet. This triggers an error in opus_decode_float, a conversion of a negative integer to an unsigned integer, and a heap-based buffer over-read and over-write.
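
The unchecked-return pattern the description attributes to needSamples, shown beside a checked form. This is an added illustration, not Mumble's or libopus's code: `demo_decode`, its toy packet format, `FRAME_MAX` and both wrapper functions are assumptions standing in for `opus_decode_float` and its caller.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FRAME_MAX 480            /* constructed: samples per output buffer */
#define DEMO_INVALID_PACKET (-4) /* negative error code, as a decoder would return */

/* Hypothetical stand-in for opus_decode_float(): returns the number of
 * samples written to pcm, or a negative error code for a bad packet. */
static int demo_decode(const unsigned char *pkt, int len, float *pcm, int max) {
    if (pkt == NULL || len < 2 || pkt[0] != 0x01)   /* constructed toy format */
        return DEMO_INVALID_PACKET;
    int n = pkt[1];
    if (n > max) n = max;
    for (int i = 0; i < n; i++) pcm[i] = 0.25f;
    return n;
}

/* Flawed pattern: the signed result becomes an unsigned count with no check.
 * Returns the byte count later copy logic would trust; nothing is copied. */
size_t unchecked_byte_count(const unsigned char *pkt, int len) {
    float pcm[FRAME_MAX];
    unsigned int samples = (unsigned int)demo_decode(pkt, len, pcm, FRAME_MAX);
    return (size_t)samples * sizeof(float);
}

/* Hardened pattern: validate the result before it is used as a length.
 * Returns samples copied to out, or -1 if the packet was rejected. */
int checked_decode(const unsigned char *pkt, int len, float *out, size_t out_cap) {
    float pcm[FRAME_MAX];
    int ret = demo_decode(pkt, len, pcm, FRAME_MAX);
    if (ret < 0 || (size_t)ret > out_cap)
        return -1;                   /* drop the frame, leave out untouched */
    memcpy(out, pcm, (size_t)ret * sizeof(float));
    return ret;
}

int main(void) {
    const unsigned char bad[] = {0xFF, 0x10};   /* constructed malformed packet */
    float out[FRAME_MAX];
    printf("unchecked length: %zu bytes\n", unchecked_byte_count(bad, 2));
    printf("checked result:   %d\n", checked_decode(bad, 2, out, FRAME_MAX));
    return 0;
}
```
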

Recommendations

For Mumble versions 1.1 through 1.2.4, update to a version that includes a fix for the needSamples method in AudioOutputSpeech.cpp.
For Mumble for iOS versions 1.1 through 1.2.2, update to a version that includes a fix for the needSamples method in AudioOutputSpeech.cpp.
For MumbleKit versions prior to commit fd190328a9b24d37382b269a5674b0c0c7a7e36d, update to a version that includes a fix for the needSamples method in AudioOutputSpeech.cpp.
As a temporary workaround, consider disabling the needSamples method in AudioOutputSpeech.cpp until a patch is available.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2015-04025
CVE-2014-0045
DSA-2854-1
OPENSUSE-SU-2024:10080-1

Affected Products

Debian
Mumble
Mumble for iOS
MumbleKit