71 matches found
Buffer overflow
The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted...
UBUNTU-CVE-2021-44538
The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted...
CVE-2021-44538
The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted...
CVE-2021-44538
The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted...
CVE-2021-44538
CVE-2021-44538: The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object state is partially controllable by the remote party; crafted messages can manipulate the receiver’s session so that, for some buffer sizes, a buffer overflow ...
CVE-2021-44538
The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted...
Denial Of Service (DoS)
riot-web:edge is vulnerable to denial of service. Attackers sending a malicious sequence of messages can manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olmsessiondescribe. Furthermore, safe buffer sizes were...
Matrix clients -- several vulnerabilities
Matrix developers report: Today we are releasing security updates to libolm, matrix-js-sdk, and several clients including Element Web / Desktop. Users are encouraged to upgrade as soon as possible. These releases mitigate a buffer overflow in olmsessiondescribe, a libolm debugging function used b...
matrix-js-sdk can be tricked into disclosing E2EE room keys to a participating homeserver
Impact A logic error in the room key sharing functionality of matrix-js-sdk before 12.4.1 allows a malicious Matrix homeserver† participating in an encrypted room to steal room encryption keys from affected Matrix clients participating in that room. This allows the homeserver to decrypt end-to-en...
[ASA-202109-5] element-web: information disclosure
Arch Linux Security Advisory ASA-202109-5 ========================================= Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-40823 Package : element-web Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2377 Summary ======= The package element-web befo...
PT-2021-22960 · Cinny +5 · Cinny +7
Name of the Vulnerable Software and Affected Versions: matrix-js-sdk versions prior to 12.4.1 Element Web versions 1.8.2 and earlier Element Desktop versions 1.8.2 and earlier SchildiChat Web versions 1.7.32-sc1 and earlier SchildiChat Desktop versions 1.7.32-sc1 and earlier Cinny versions 1.2.0...