Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 500582

Summary: <media-sound/mumble-1.2.5 - NULL pointer dereference or out-of-bounds array access, heap-based buffer overflow (CVE-2014-0044, CVE-2014-0045)
Product: Gentoo Security Reporter: Robert Joslyn <rjmars97>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: minor CC: alex_y_xu, tgurr
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://blog.mumble.info/mumble-1-2-5/
Whiteboard: B3 [ebuild]
Package list:
Runtime testing required: ---

Description Robert Joslyn 2014-02-07 02:47:54 UTC
Mumble has been updated to fix two security issues, as detailed in this announcement: http://blog.mumble.info/mumble-1-2-5/

Reproducible: Always
Comment 1 Alex Xu (Hello71) 2014-02-07 02:54:54 UTC
wrangling in progress, please wait
Comment 2 Alex Xu (Hello71) 2014-02-07 02:56:25 UTC
Mumble-SA-2014-001 [sig] (CVE-2014-0044)
– A malformed Opus voice packet sent to a Mumble client could trigger a NULL pointer dereference or an out-of-bounds array access.

Mumble-SA-2014-002 [sig] (CVE-2014-0045)
– A malformed Opus voice packet sent to a Mumble client could trigger a heap-based buffer overflow.
Comment 3 Alex Xu (Hello71) 2014-02-07 02:58:43 UTC
Actually, I'm not sure if "heap-based buffer overflow" means possible remote code execution.
Comment 4 Chris Reffett (RETIRED) gentoo-dev Security 2014-02-07 03:07:50 UTC
Let's call it B3 for now, we can bump it up if the CVE indicates possible AcE. Heap-based buffer overflows sometimes are AcE, sometimes just DoS.
Comment 5 Agostino Sarubbo gentoo-dev 2014-02-07 08:10:37 UTC

*** This bug has been marked as a duplicate of bug 500486 ***