CVE-2024-42369

2024-08-2015:15:21

CWE-674

GitHub_M

web.nvd.nist.gov

cve-2024-42369

matrix messaging protocol

javascript

homeserver

room structure

getroomupgradehistory

leaveroomchain

code hang

patch

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

4.5

Confidence

High

EPSS

0.001

Percentile

17.7%

JSON

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk’s getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This method is public but also called by the ‘leaveRoomChain()’ method, so leaving a room will also trigger the bug. This was patched in matrix-js-sdk 34.3.1.

Affected configurations

Nvd

Vulners

Node

matrixjavascript_sdkRange<34.3.1

VendorProductVersionCPE
matrixjavascript_sdk*cpe:2.3:a:matrix:javascript_sdk:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
matrix	javascript_sdk	*	cpe:2.3:a:matrix:javascript_sdk::::::::

CNA Affected

[
  {
    "vendor": "matrix-org",
    "product": "matrix-js-sdk",
    "versions": [
      {
        "version": "< 34.3.1",
        "status": "affected"
      }
    ]
  }
]