A denial of service flaw, with possible (but unconfirmed) arbitrary code execution, was reported  in Mumble:
A malformed Opus voice packet sent to a Mumble client could trigger a heap-based buffer overflow. This causes a client crash (Denial of Service) and can potentially be used to execute arbitrary code, though this is unconfirmed.
This issue can be triggered remotely by an entity participating in a Mumble voice chat.
This has been corrected in upstream version 1.2.5 .
Created mumble tracking bugs for this issue:
Affects: fedora-all [bug 1061859]
mumble-1.2.5-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
mumble-1.2.5-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.