CVE-2024-42369Uncontrolled Recursion in Matrix-js-sdk

CWE-674Uncontrolled Recursion6 documents5 sources
Severity
5.3MEDIUMNVD
CNA4.1
EPSS
0.2%
top 57.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Matrix-org Matrix-js-sdkMatrix Javascript SDK
Timeline
PublishedAug 20

Description

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This method is public but also called by the 'leaveRoomChain()' method, so leaving a room will also trigger the bug. This was patched in matrix-js-sdk 34.3.1.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

NVDmatrix/javascript_sdk< 34.3.1
CVEListV5matrix-org/matrix-js-sdk< 34.3.1

Patches

Patch: github.com

🔴Vulnerability Details

4
GHSA
matrix-js-sdk will freeze when a user sets a room with itself as a its predecessor2024-08-20
CVEList
A room with itself as a its predecessor will freeze matrix-js-sdk2024-08-20
OSV
CVE-2024-42369: matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript2024-08-20
OSV
matrix-js-sdk will freeze when a user sets a room with itself as a its predecessor2024-08-20

📋Vendor Advisories

1
Debian
CVE-2024-42369: node-matrix-js-sdk - matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A...2024
CVE-2024-42369 — Uncontrolled Recursion | cvebase