Matrix Android SDK 2 is vulnerable to authentication bypass. The vulnerability exists in onRoomKeyEvent
function of DefaultCryptoService.kt
due to lack of entity authentication for key forwarding strategy which allows an attacker to cooperate with a malicious home server.
CPE | Name | Operator | Version |
---|---|---|---|
matrix android sdk 2 | le | 1.4.36 | |
matrix android sdk 2 | le | 1.4.36 |
github.com/advisories/GHSA-2pvj-p485-cp3m
github.com/matrix-org/matrix-android-sdk2/commit/77df720a238d17308deab83ecaa37f7a4740a17e
github.com/matrix-org/matrix-android-sdk2/releases/tag/v1.5.1
github.com/matrix-org/matrix-android-sdk2/security/advisories/GHSA-2pvj-p485-cp3m
github.com/matrix-org/matrix-spec-proposals/pull/3061
matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients