CVE-2014-0044: Improper Restriction of Operations within the Bounds of a Memory Buffer in Mumble

Severity: 5.0 MEDIUM (NVD)
EPSS: 0.7% (top 27.17%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Feb 8 | Latest update May 17

Description

The opus_packet_get_samples_per_frame function in client in Mumble 1.2.4 and the 1.2.3 pre-release snapshots allows remote attackers to cause a denial of service (crash) via a crafted length prefix value, which triggers a NULL pointer dereference or a heap-based buffer over-read (aka "out-of-bounds array access").

CVSS vector

AV:N/AC:L/C:N/I:N/A:P
Exploitability: 10.0 | Impact: 2.9

Affected Packages (3 packages)

debian | debian/mumble | < mumble 1.2.4-0.2 (bookworm)
Debian | mumble/mumble | < 1.2.4-0.2 (+3 more)
NVD | light_speed_gaming/mumble | 1.2.3, 1.2.4 (+1 more)

Vulnerability Details (2)

GHSA | GHSA-649v-fxxp-vqjg: The opus_packet_get_samples_per_frame function in client in Mumble 1 | 2022-05-17
OSV | CVE-2014-0044: The opus_packet_get_samples_per_frame function in client in Mumble 1 | 2014-02-08

Vendor Advisories (1)

Debian | CVE-2014-0044: mumble - The opus_packet_get_samples_per_frame function in client in Mumble 1.2.4 and the... | 2014

Community (2)

Bugzilla | CVE-2014-0044 mumble: NULL pointer dereference leads to denial of service | 2014-02-05
Bugzilla | CVE-2014-0044 CVE-2014-0045 mumble: various flaws [fedora-all] | 2014-02-05
CVE-2014-0044 — Debian Mumble vulnerability | cvebase