Lucene search

GoogleOSV:CVE-2024-42369

HistoryAug 20, 2024 - 3:15 p.m.

CVE-2024-42369

2024-08-2015:15:21

Google

osv.dev

javascript

vulnerability

fix

recursion

matrix messaging protocol

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

4.5

Confidence

High

EPSS

0.001

Percentile

17.7%

JSON

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk’s getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This method is public but also called by the ‘leaveRoomChain()’ method, so leaving a room will also trigger the bug. This was patched in matrix-js-sdk 34.3.1.

References

github.com/matrix-org/matrix-js-sdk/commit/a0efed8b881b3db6c9f2c71d6a6e74c2828978c6

github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-vhr5-g3pm-49fm

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

4.5

Confidence

High

EPSS

0.001

Percentile

17.7%

JSON

Related for OSV:CVE-2024-42369