A vulnerability has been discovered in Mumble through 1.3.0 where a remote unauthenticated user connected to the server can send a crafted packet to change the number of allowed users in the root channel to 0, thereby disallowing users to connect to the server and causing a Denial of Service. Reference: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920476 https://github.com/mumble-voip/mumble/issues/3585
Created mumble tracking bugs for this issue: Affects: fedora-all [bug 1679082]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.