murmur in Mumble through 1.2.19 before 2018-08-31 mishandles multiple concurrent requests that are persisted in the database, which allows remote attackers to cause a denial of service (daemon hang or crash) via a message flood. References: https://bugs.debian.org/919249 https://github.com/mumble-voip/mumble/issues/3505 Upstream Patch: https://github.com/mumble-voip/mumble/pull/3510 https://github.com/mumble-voip/mumble/pull/3512
Created mumble tracking bugs for this issue: Affects: fedora-all [bug 1670225]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.