1978135 – (CVE-2021-34813) CVE-2021-34813 libolm: allows a malicious Matrix homeserver to crash a client

Bug 1978135 (CVE-2021-34813) - CVE-2021-34813 libolm: allows a malicious Matrix homeserver to crash a client

Summary: CVE-2021-34813 libolm: allows a malicious Matrix homeserver to crash a client

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2021-34813
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1978136
Blocks:
TreeView+	depends on / blocked

Reported:	2021-07-01 08:05 UTC by Dhananjay Arunesh
Modified:	2021-10-28 05:30 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-10-28 05:30:14 UTC
Embargoed:

Attachments	(Terms of Use)

Description Dhananjay Arunesh 2021-07-01 08:05:02 UTC

Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to retrieve an Olm encrypted room key backup from the homeserver) because olm_pk_decrypt has a stack-based buffer overflow. Remote code execution might be possible for some nonstandard build configurations.

References:
https://gitlab.matrix.org/matrix-org/olm/-/releases/3.2.3
https://matrix.org/blog/2021/06/14/adventures-in-fuzzing-libolm
https://gitlab.matrix.org/matrix-org/olm/-/commit/ccc0d122ee1b4d5e5ca4ec1432086be17d5f901b

Comment 1 Dhananjay Arunesh 2021-07-01 08:05:26 UTC

Created libolm tracking bugs for this issue:

Affects: epel-8 [bug 1978136]

Note You need to log in before you can comment on or make changes to this bug.