Alerts This Week
Warning Icon 1 541
Alerts This Week
Warning Icon 1 541

Ubuntu 20.04 LTS Advisory: Mumble Remote Code Execution Risk

Calendar Dec 16, 2021 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory remote code execution arbitrary code execution Ubuntu update instructions mumble
A security issue was fixed in Mumble. 
=========================================================================Ubuntu Security Notice USN-5195-1
December 16, 2021

mumble vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

A security issue was fixed in Mumble.

Software Description:
- mumble: Low latency encrypted VoIP client

Details:

It was discovered that the Mumble client supported websites for public serverswith arbitrary URL schemes. If a user were tricked into visiting a malicious
website from the public server list, a remote attacker could possibly execute
arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  mumble                          1.3.0+dfsg-1ubuntu0.1

Ubuntu 18.04 LTS:
  mumble                          1.2.19-1ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5195-1
  CVE-2021-27229

Package Information:
  https://launchpad.net/ubuntu/+source/mumble/1.3.0+dfsg-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/mumble/1.2.19-1ubuntu1.1

Ubuntu 20.04 LTS Advisory: Mumble Remote Code Execution Risk

ubuntu
Calendar Grey December 16, 2021
Dist Ubuntu Esm H88
Upgrade your Ubuntu system to address the Mumble vulnerability and mitigate any possible threats of code execution.
A security issue was fixed in Mumble.

Summary

Topics%20covered

Topics Covered

security advisory remote code execution arbitrary code execution Ubuntu update instructions mumble

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: mumble 1.3.0+dfsg-1ubuntu0.1 Ubuntu 18.04 LTS: mumble 1.2.19-1ubuntu1.1 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5195-1

CVE-2021-27229

Severity
important
Lowest
Low
Medium
High
Critical

December 16, 2021

Topics%20covered

Topics Covered

security advisory remote code execution arbitrary code execution Ubuntu update instructions mumble

Package Information

https://launchpad.net/ubuntu/+source/mumble/1.3.0+dfsg-1ubuntu0.1 https://launchpad.net/ubuntu/+source/mumble/1.2.19-1ubuntu1.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here