Linux Distros Unpatched Vulnerability : CVE-2024-53863

🗓️ 27 Aug 2025 00:00:00Reported by TenableType

Synapse versions before 1.120.1 on Linux may process special image formats via dynamic_thumbnails, risking external tools.

Reporter	Title	Published	Views	Family All 44
FreeBSD	py-matrix-synapse -- multiple vulnerabilities in versions prior to 1.120.1	3 Dec 202400:00	–	freebsd
AlpineLinux	CVE-2024-53863	3 Dec 202416:48	–	alpinelinux
Circl	CVE-2024-53863	3 Dec 202417:05	–	circl
CNNVD	Element Synapse 安全漏洞	3 Dec 202400:00	–	cnnvd
CVE	CVE-2024-53863	3 Dec 202416:48	–	cve
Cvelist	CVE-2024-53863 Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders	3 Dec 202416:48	–	cvelist
Debian CVE	CVE-2024-53863	3 Dec 202416:48	–	debiancve
EUVD	EUVD-2024-3513	3 Oct 202520:07	–	euvd
Fedora	[SECURITY] Fedora 40 Update: matrix-synapse-1.111.1-3.fc40	13 Dec 202401:37	–	fedora
Fedora	[SECURITY] Fedora 41 Update: matrix-synapse-1.118.0-3.fc41	13 Dec 202401:35	–	fedora

Source	Link
ubuntu	www.ubuntu.com/security/CVE-2024-53863
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(255863);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/10/28");

  script_cve_id("CVE-2024-53863");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2024-53863");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - Synapse is an open-source Matrix homeserver. In Synapse versions before 1.120.1, enabling the
    dynamic_thumbnails option or processing a specially crafted request could trigger the decoding and
    thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for
    processing. This significantly expands the attack surface in a historically vulnerable area, presenting a
    risk that far outweighs the benefit, particularly since these formats are rarely used on the open web or
    within the Matrix ecosystem. Synapse 1.120.1 addresses the issue by restricting thumbnail generation to
    images in the following widely used formats: PNG, JPEG, GIF, and WebP. This vulnerability is fixed in
    1.120.1. (CVE-2024-53863)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2024-53863");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-53863");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/12/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:24.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:matrix-synapse");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Ubuntu Linux-24.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-24.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "24.04",
        "pkgs": [
          {"reference": "matrix-synapse"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

28 Oct 2025 00:00Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.19.1

CVSS 48.2

EPSS0.00962

SSVC