Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 930514 (CVE-2024-31208)

Summary: <net-im/synapse-1.105.1: Weakness in auth chain indexing allows DoS from remote room members through disk fill and high CPU usage
Product: Gentoo Security Reporter: Petr Vaněk <arkamar>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: CONFIRMED ---    
Severity: normal CC: arkamar
Priority: Normal Keywords: PullRequest
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://github.com/element-hq/synapse/security/advisories/GHSA-3h7q-rfh9-xm4v
See Also: https://github.com/gentoo/gentoo/pull/36378
Whiteboard: B3 [glsa?]
Package list:
Runtime testing required: ---
Bug Depends on: 930695    
Bug Blocks:    

Description Petr Vaněk gentoo-dev 2024-04-23 18:24:00 UTC
A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in how the auth chain cover index is calculated. This can induce high CPU consumption and accumulate excessive data in the database of such instances, resulting in a denial of service.

Servers in private federations, or those that do not federate, are not affected.
Comment 1 Larry the Git Cow gentoo-dev 2024-04-23 20:43:47 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=123715b98768e9091423aa406d1d4bf326533562

commit 123715b98768e9091423aa406d1d4bf326533562
Author:     Joe Kappus <joe@wt.gd>
AuthorDate: 2024-04-23 18:30:33 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-04-23 20:42:40 +0000

    net-im/synapse: add 1.105.1
    
    Bug: https://bugs.gentoo.org/930514
    Signed-off-by: Joe Kappus <joe@wt.gd>
    Closes: https://github.com/gentoo/gentoo/pull/36378
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 net-im/synapse/Manifest               |   1 +
 net-im/synapse/synapse-1.105.1.ebuild | 211 ++++++++++++++++++++++++++++++++++
 2 files changed, 212 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2024-04-26 15:36:47 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=086702e62705a7306a93eebaa40f257e41550a5c

commit 086702e62705a7306a93eebaa40f257e41550a5c
Author:     Petr Vaněk <arkamar@gentoo.org>
AuthorDate: 2024-04-26 15:34:01 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-04-26 15:36:23 +0000

    net-im/synapse: drop 1.103.0, 1.104.0, 1.105.0
    
    Bug: https://bugs.gentoo.org/930514
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 net-im/synapse/Manifest                            |  15 --
 .../files/synapse-1.101.0-netaddr-tests.patch      |  33 ----
 net-im/synapse/synapse-1.103.0.ebuild              | 215 ---------------------
 net-im/synapse/synapse-1.104.0.ebuild              | 211 --------------------
 net-im/synapse/synapse-1.105.0.ebuild              | 211 --------------------
 5 files changed, 685 deletions(-)