Lucene search

[email protected]NVD:CVE-2024-42369

HistoryAug 20, 2024 - 3:15 p.m.

CVE-2024-42369

2024-08-2015:15:21

CWE-674

[email protected]

web.nvd.nist.gov

matrix messaging protocol

client-server sdk

javascript

malicious homeserver

room structure

predecessors

recursion

code hang

leaveroomchain

bug

patched

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS

0.001

Percentile

17.7%

JSON

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk’s getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This method is public but also called by the ‘leaveRoomChain()’ method, so leaving a room will also trigger the bug. This was patched in matrix-js-sdk 34.3.1.

Affected configurations

Nvd

Node

matrixjavascript_sdkRange<34.3.1

VendorProductVersionCPE
matrixjavascript_sdk*cpe:2.3:a:matrix:javascript_sdk:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
matrix	javascript_sdk	*	cpe:2.3:a:matrix:javascript_sdk::::::::

References

github.com/matrix-org/matrix-js-sdk/commit/a0efed8b881b3db6c9f2c71d6a6e74c2828978c6

github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-vhr5-g3pm-49fm

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS

0.001

Percentile

17.7%

JSON

Related for NVD:CVE-2024-42369

osv4 github1 cvelist1 vulnrichment1 cve1 veracode1