CVE-2021-44538

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-44538
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-44538.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-44538
Related
Published
2021-12-14T14:15:09Z
Modified
2024-09-18T03:17:47.360624Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olmsessiondescribe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. The known affected products are Element Web And SchildiChat Web.

References

Affected packages

Debian:11 / olm

Package

Name
olm
Purl
pkg:deb/debian/olm?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.2.1~dfsg-7
3.2.3~dfsg-1
3.2.3~dfsg-2
3.2.3~dfsg-3
3.2.4~dfsg-1
3.2.6~dfsg-1
3.2.6~dfsg-2
3.2.7~dfsg-1
3.2.7~dfsg-2
3.2.8~dfsg-1
3.2.10~dfsg-1
3.2.10~dfsg-2
3.2.10~dfsg-3
3.2.10~dfsg-4
3.2.10~dfsg-5
3.2.10~dfsg-6
3.2.11~dfsg-1~bpo11+1
3.2.11~dfsg-1
3.2.12~dfsg-1
3.2.13~dfsg-1
3.2.15~dfsg-1
3.2.16+dfsg-1
3.2.16+dfsg-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / olm

Package

Name
olm
Purl
pkg:deb/debian/olm?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.2.8~dfsg-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / olm

Package

Name
olm
Purl
pkg:deb/debian/olm?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.2.8~dfsg-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:11 / thunderbird

Package

Name
thunderbird
Purl
pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:91.4.1-1~deb11u1

Affected versions

1:78.*

1:78.12.0-1
1:78.13.0-1~deb9u1
1:78.13.0-1~deb10u1
1:78.13.0-1~deb11u1
1:78.13.0-1
1:78.14.0-1~deb9u1
1:78.14.0-1~deb10u1
1:78.14.0-1~deb11u1
1:78.14.0-1

1:84.*

1:84.0~b3-1

1:85.*

1:85.0~b3-1

1:86.*

1:86.0~b3-1

1:88.*

1:88.0~b2-1

1:89.*

1:89.0~b2-1

1:90.*

1:90.0~b2-1

1:91.*

1:91.0~b1-1
1:91.0~b3-1
1:91.0~b5-1
1:91.0-1
1:91.0.2-1
1:91.1.0-1
1:91.1.1-1
1:91.2.0-1
1:91.2.1-1
1:91.3.0-1
1:91.3.2-1
1:91.4.0-1
1:91.4.1-1~deb9u1
1:91.4.1-1~deb10u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / thunderbird

Package

Name
thunderbird
Purl
pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:91.4.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / thunderbird

Package

Name
thunderbird
Purl
pkg:deb/debian/thunderbird?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:91.4.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/ajbura/cinny

Affected ranges

Type
GIT
Repo
https://github.com/ajbura/cinny
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5d380453a4a85728d89b28428600cdc7bfc451e4
Type
GIT
Repo
https://github.com/matrix-org/matrix-js-sdk
Events
Introduced
c874783742f17921830aa274106d65e3e8af903c
Fixed
f4839a3b4f1877111b2e0360a1b3b0dd2047193e
Type
GIT
Repo
https://github.com/schildichat/schildichat-desktop
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5aaedf0f19ba337fcc837955eb6171f7c6ebc311
Type
GIT
Repo
https://github.com/vector-im/element-desktop
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6e28c141abfb688d8d5ec8dca8a5033098f6da76
Type
GIT
Repo
https://github.com/vector-im/element-web
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
eae38311b24da6801366780fe889aafe2d892e9f
Type
GIT
Repo
https://gitlab.matrix.org/matrix-org/olm
Events
Introduced
6753595300767dd70150831dbbe6f92d64e75038
Fixed
797183f27f1c8cdb9d4551aaa317bd13ff02401b

Affected versions

3.*

3.1.4
3.1.5
3.2.0
3.2.1
3.2.2
3.2.3
3.2.4
3.2.5
3.2.6
3.2.7

v0.*

v0.1.2
v0.10.0
v0.10.0-rc.2
v0.10.1
v0.10.2
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.1
v0.11.2
v0.11.2-rc.1
v0.11.2-rc.2
v0.11.3
v0.11.4
v0.12.0-rc.1
v0.12.1
v0.12.1-rc.1
v0.12.2
v0.12.3
v0.12.3-rc.1
v0.12.3-rc.2
v0.12.3-rc.3
v0.12.4
v0.12.4-rc.1
v0.12.5
v0.12.6
v0.12.7
v0.12.7-rc.1
v0.12.7-rc.2
v0.12.7-rc.3
v0.13.0
v0.13.0-rc.1
v0.13.0-rc.2
v0.13.0-rc.3
v0.13.1
v0.13.2
v0.13.3
v0.13.4
v0.13.5
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.1
v0.14.2
v0.14.2-rc.1
v0.14.2-rc.2
v0.14.2-rc.3
v0.14.3-rc.1
v0.15.0
v0.15.0-rc.1
v0.15.0-rc.2
v0.15.0-rc.3
v0.15.0-rc.4
v0.15.0-rc.5
v0.15.0-rc.6
v0.15.1
v0.15.2
v0.15.3
v0.15.4
v0.15.4-rc.1
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.6-rc.1
v0.15.6-rc.2
v0.15.7
v0.15.7-rc.1
v0.15.7-rc.2
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.1-rc.1
v0.16.2
v0.16.3
v0.16.3-rc.1
v0.16.3-rc.2
v0.16.4
v0.16.4-rc.1
v0.16.5
v0.16.5-rc.1
v0.16.6
v0.17.0
v0.17.0-rc.1
v0.17.1
v0.17.2
v0.17.3
v0.17.3-rc.1
v0.17.4
v0.17.5
v0.17.6
v0.17.6-rc.1
v0.17.6-rc.2
v0.17.7
v0.17.8
v0.17.8-rc.1
v0.17.9
v0.17.9-rc.1
v0.3.0
v0.4.0
v0.4.1
v0.5.0
v0.6.0
v0.6.1
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.4-r1
v0.7.5
v0.7.5-r1
v0.7.5-r2
v0.7.5-r3
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.9.10
v0.9.10-rc.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
v0.9.6-rc.1
v0.9.7
v0.9.7-rc.1
v0.9.7-rc.2
v0.9.7-rc.3
v0.9.8
v0.9.8-rc.1
v0.9.8-rc.2
v0.9.8-rc.3
v0.9.9
v0.9.9-rc.1
v0.9.9-rc.2

v1.*

v1.0.0
v1.0.0-rc.1
v1.0.0-rc.2
v1.0.1
v1.0.2
v1.0.2-rc.1
v1.0.2-rc.2
v1.0.2-rc.3
v1.0.3
v1.0.4
v1.0.4-rc.1
v1.0.5
v1.0.6
v1.0.6-rc.1
v1.0.7
v1.0.8
v1.1.0
v1.1.0-rc.1
v1.1.1
v1.1.2
v1.2.0
v1.2.0-rc.1
v1.2.1
v1.2.2
v1.2.2-rc.1
v1.2.2-rc.2
v1.2.3
v1.2.3-rc.1
v1.2.4
v1.3.0
v1.3.0-rc.1
v1.3.0-rc.2
v1.3.0-rc.3
v1.3.1
v1.3.1-rc.1
v1.3.2
v1.3.3
v1.3.4
v1.3.4-rc.1
v1.3.5
v1.3.5-rc.1
v1.3.5-rc.2
v1.3.5-rc.3
v1.3.6
v1.4.0
v1.4.0-rc.1
v1.4.0-rc.2
v1.4.1
v1.4.2
v1.4.2-rc.1
v1.5.0
v1.5.0-rc.1
v1.5.1
v1.5.1-rc.1
v1.5.1-rc.2
v1.5.10
v1.5.11
v1.5.11-rc.1
v1.5.12
v1.5.13
v1.5.13-rc.1
v1.5.14
v1.5.14-rc.1
v1.5.15
v1.5.16-rc.1
v1.5.2
v1.5.3
v1.5.4
v1.5.4-rc.1
v1.5.4-rc.2
v1.5.5
v1.5.6
v1.5.6-rc.1
v1.5.7
v1.5.7-rc.1
v1.5.7-rc.2
v1.5.8
v1.5.8-rc.1
v1.5.8-rc.2
v1.5.9
v1.5.9-rc.1
v1.6.0
v1.6.0-rc.1
v1.6.0-rc.2
v1.6.0-rc.3
v1.6.0-rc.4
v1.6.0-rc.5
v1.6.0-rc.6
v1.6.1
v1.6.1-rc.1
v1.6.2
v1.6.3
v1.6.3-rc.1
v1.6.4
v1.6.5
v1.6.6
v1.6.6-rc.1
v1.6.7
v1.6.8
v1.6.8-rc.1
v1.7.0
v1.7.1
v1.7.10
v1.7.11
v1.7.11-rc.1
v1.7.12
v1.7.13
v1.7.13-rc.1
v1.7.14
v1.7.14-rc.1
v1.7.15
v1.7.15-rc.1
v1.7.16
v1.7.16-rc.1
v1.7.17
v1.7.17-rc.1
v1.7.17-sc1
v1.7.18
v1.7.19
v1.7.19-rc.1
v1.7.2
v1.7.20
v1.7.20-sc1
v1.7.21
v1.7.21-rc.1
v1.7.22
v1.7.22-rc.1
v1.7.22-sc1
v1.7.23
v1.7.23-rc.1
v1.7.24
v1.7.24-rc.1
v1.7.24-sc1
v1.7.25
v1.7.25-rc.1
v1.7.26
v1.7.26-rc.1
v1.7.27
v1.7.27-rc.1
v1.7.28
v1.7.28-rc.1
v1.7.29
v1.7.29-rc.1
v1.7.29-sc1
v1.7.3
v1.7.3-rc.1
v1.7.30
v1.7.30-rc.1
v1.7.31
v1.7.31-rc.1
v1.7.32
v1.7.32-rc.1
v1.7.32-sc1
v1.7.33
v1.7.33-rc.1
v1.7.34
v1.7.34-rc.1
v1.7.4
v1.7.4-rc.1
v1.7.5
v1.7.5-rc.1
v1.7.6
v1.7.6-rc.1
v1.7.7
v1.7.8
v1.7.8-rc.1
v1.7.9
v1.7.9-rc.1
v1.8.0
v1.8.0-rc.1
v1.8.1
v1.8.2
v1.8.2-rc.1
v1.8.2-rc.2
v1.8.2-rc.3
v1.8.3-rc.1
v1.8.3-rc.2
v1.8.4
v1.8.4-sc1
v1.8.5
v1.8.5-sc1
v1.8.6-rc.1
v1.8.6-rc.2
v1.9.0
v1.9.0-sc.1
v1.9.1
v1.9.1-rc.1
v1.9.1-rc.2
v1.9.2
v1.9.3
v1.9.3-rc.1
v1.9.3-rc.2
v1.9.3-rc.3
v1.9.4
v1.9.4-rc.1
v1.9.5
v1.9.5-rc.1
v1.9.5-sc.2
v1.9.6
v1.9.6-rc.2

v10.*

v10.0.0
v10.0.0-rc.1
v10.1.0
v10.1.0-rc.1

v11.*

v11.0.0
v11.0.0-rc.1
v11.1.0
v11.1.0-rc.1
v11.2.0
v11.2.0-rc.1

v12.*

v12.0.0
v12.0.0-rc.1
v12.0.1
v12.0.1-rc.1
v12.1.0
v12.1.0-rc.1
v12.2.0
v12.2.0-rc.1
v12.3.0
v12.3.0-rc.1
v12.3.0-rc.2
v12.3.1
v12.4.0
v12.4.0-rc.1
v12.4.1
v12.5.0
v12.5.0-rc.1

v13.*

v13.0.0
v13.0.0-rc.1

v14.*

v14.0.0
v14.0.0-rc.1
v14.0.0-rc.2
v14.0.1

v15.*

v15.0.0
v15.0.0-rc.1
v15.1.0
v15.1.0-rc.1
v15.1.1
v15.1.1-rc.1
v15.2.0
v15.2.0-rc.1

v2.*

v2.4.2
v2.4.3
v2.4.3-rc.1
v2.4.4
v2.4.4-rc.1
v2.4.5
v2.4.6
v2.4.6-rc.1

v3.*

v3.0.0
v3.0.0-rc.1

v4.*

v4.0.0
v4.0.0-rc.1

v5.*

v5.0.0
v5.0.0-rc.1
v5.0.1
v5.1.0
v5.1.0-rc.1
v5.1.1
v5.1.1-rc.1
v5.2.0
v5.2.0-rc.1
v5.3.0-rc.1
v5.3.1-rc.1
v5.3.1-rc.2
v5.3.1-rc.3
v5.3.1-rc.4

v6.*

v6.0.0
v6.0.0-rc.1
v6.0.0-rc.2
v6.1.0
v6.1.0-rc.1
v6.2.0
v6.2.0-rc.1
v6.2.1
v6.2.2

v7.*

v7.0.0
v7.0.0-rc.1
v7.1.0
v7.1.0-rc.1

v8.*

v8.0.0
v8.0.1
v8.0.1-rc.1
v8.1.0
v8.1.0-rc.1
v8.2.0
v8.2.0-rc.1
v8.3.0
v8.3.0-rc.1
v8.4.0
v8.4.0-rc.1
v8.4.1
v8.5.0
v8.5.0-rc.1

v9.*

v9.0.0
v9.0.0-rc.1
v9.0.1
v9.1.0
v9.1.0-rc.1
v9.10.0
v9.10.0-rc.1
v9.11.0
v9.11.0-rc.1
v9.2.0
v9.2.0-rc.1
v9.3.0
v9.3.0-rc.1
v9.4.0
v9.4.0-rc.1
v9.4.0-rc.2
v9.4.1
v9.5.0
v9.5.0-rc.1
v9.5.1
v9.6.0
v9.6.0-rc.1
v9.7.0
v9.7.0-rc.1
v9.8.0
v9.8.0-rc.1
v9.9.0
v9.9.0-rc.1