Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 829221 (CVE-2021-44538) - [Tracker] Buffer overflow in Matrix libolm
Summary: [Tracker] Buffer overflow in Matrix libolm
Status: RESOLVED FIXED
Alias: CVE-2021-44538
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://matrix.org/blog/2021/12/13/di...
Whiteboard:
Keywords:
Depends on: 829222 829223
Blocks:
  Show dependency tree
 
Reported: 2021-12-15 01:58 UTC by John Helmert III
Modified: 2021-12-16 00:55 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-12-15 01:58:24 UTC 
CVE-2021-44538:

The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. The known affected products are Element Web And SchildiChat Web.

1.9.7 is the fixed Element.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-12-16 00:55:33 UTC 
Blockers closed.