CVE-2021-44538 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Element
Severity
9.8CRITICALNVD
OSV8.8
EPSS
1.4%
top 19.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 14
Latest updateJan 21
Description
The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer size…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages8 packages
Also affects: Debian Linux 10.0, 11.0, 9.0