Alerts This Week
Warning Icon 1 1,375
Alerts This Week
Warning Icon 1 1,375

Ubuntu 20.04 LTS Advisory: Mumble Remote Code Execution Risk

ubuntu
Calendar Grey December 16, 2021
Dist Ubuntu Esm H88
Upgrade your Ubuntu system to address the Mumble vulnerability and mitigate any possible threats of code execution.
A security issue was fixed in Mumble.

Summary

A security issue was fixed in Mumble.

Software Description:

- mumble: Low latency encrypted VoIP client

Details:

It was discovered that the Mumble client supported websites for public serverswith arbitrary URL schemes. If a user were tricked into visiting a malicious

website from the public server list, a remote attacker could possibly execute

arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  mumble                          1.3.0+dfsg-1ubuntu0.1

Ubuntu 18.04 LTS:
  mumble                          1.2.19-1ubuntu1.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5195-1

CVE-2021-27229

Severity
important
Lowest
Low
Medium
High
Critical

December 16, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here