Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to retrieve an Olm encrypted room key backup from the homeserver) because olm_pk_decrypt has a stack-based buffer overflow. Remote code execution might be possible for some nonstandard build configurations.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMatrix Olm
APPMatrix< 3.2.3
Related vulnerabilities
The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm se...
An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing ...
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 w...
An issue was discovered in Matrix libolm through 3.2.16. There is Ed25519 signature malleability due to lack o...
Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5.6, if configured to ...