CVE-2021-44538

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-44538
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-44538.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-44538
Downstream
Related
Published
2021-12-14T14:15:09.410Z
Modified
2026-03-15T22:43:01.226498Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olmsessiondescribe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. The known affected products are Element Web And SchildiChat Web.

References

Affected packages

Git / github.com/ajbura/cinny

Affected ranges

Type
GIT
Repo
https://github.com/ajbura/cinny
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5d380453a4a85728d89b28428600cdc7bfc451e4
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.6.0"
        }
    ]
}
Type
GIT
Repo
https://github.com/matrix-org/matrix-js-sdk
Events
Introduced
c874783742f17921830aa274106d65e3e8af903c
Fixed
f4839a3b4f1877111b2e0360a1b3b0dd2047193e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
662fcb426b11add2e217c93eb6781cfe5a2010e2
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
340fa6c63e632d531009abe01d73deddabc56a95
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
88945a6d6d887613b856926a8554ff89b36a7ebb
Database specific 
{
    "versions": [
        {
            "introduced": "2.4.2"
        },
        {
            "fixed": "15.2.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "10.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "11.0"
        }
    ]
}
Type
GIT
Repo
https://github.com/schildichat/schildichat-desktop
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5aaedf0f19ba337fcc837955eb6171f7c6ebc311
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5aaedf0f19ba337fcc837955eb6171f7c6ebc311
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5aaedf0f19ba337fcc837955eb6171f7c6ebc311
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5aaedf0f19ba337fcc837955eb6171f7c6ebc311
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.9.7"
        },
        {
            "introduced": "0"
        },
        {
            "fixed": "1.9.7"
        },
        {
            "introduced": "0"
        },
        {
            "fixed": "1.9.7-sc1"
        },
        {
            "introduced": "0"
        },
        {
            "fixed": "1.9.7-sc1"
        }
    ]
}
Type
GIT
Repo
https://gitlab.matrix.org/matrix-org/olm
Events
Introduced
6753595300767dd70150831dbbe6f92d64e75038
Fixed
797183f27f1c8cdb9d4551aaa317bd13ff02401b
Database specific 
{
    "versions": [
        {
            "introduced": "3.1.4"
        },
        {
            "fixed": "3.2.8"
        }
    ]
}

Affected versions

3.*
3.1.4
3.1.5
3.2.0
3.2.1
3.2.2
3.2.3
3.2.4
3.2.5
3.2.6
3.2.7
v1.*
v1.0.0
v1.1.0
v1.2.0
v1.2.1
v1.3.0
v1.3.1
v1.5.0
v1.5.1
v1.7.12
v1.7.13
v1.7.14
v1.7.15
v1.7.16
v1.7.17-sc1
v1.7.20-sc1
v1.7.22-sc1
v1.7.24-sc1
v1.7.29-sc1
v1.7.32-sc1
v1.7.8
v1.8.4-sc1
v1.8.5-sc1
v1.9.0-sc.1
v1.9.5-sc.2
v10.*
v10.0.0
v10.0.0-rc.1
v10.1.0
v10.1.0-rc.1
v11.*
v11.0.0
v11.0.0-rc.1
v11.1.0
v11.1.0-rc.1
v11.2.0
v11.2.0-rc.1
v12.*
v12.0.0
v12.0.0-rc.1
v12.0.1
v12.0.1-rc.1
v12.1.0
v12.1.0-rc.1
v12.2.0
v12.2.0-rc.1
v12.3.0
v12.3.0-rc.1
v12.3.0-rc.2
v12.3.1
v12.4.0
v12.4.0-rc.1
v12.4.1
v12.5.0
v12.5.0-rc.1
v13.*
v13.0.0
v13.0.0-rc.1
v14.*
v14.0.0
v14.0.0-rc.1
v14.0.0-rc.2
v14.0.1
v15.*
v15.0.0
v15.0.0-rc.1
v15.1.0
v15.1.0-rc.1
v15.1.1
v15.1.1-rc.1
v15.2.0
v15.2.0-rc.1
v2.*
v2.4.2
v2.4.3
v2.4.3-rc.1
v2.4.4
v2.4.4-rc.1
v2.4.5
v2.4.6
v2.4.6-rc.1
v3.*
v3.0.0
v3.0.0-rc.1
v4.*
v4.0.0
v4.0.0-rc.1
v5.*
v5.0.0
v5.0.0-rc.1
v5.0.1
v5.1.0
v5.1.0-rc.1
v5.1.1
v5.1.1-rc.1
v5.2.0
v5.2.0-rc.1
v5.3.0-rc.1
v5.3.1-rc.1
v5.3.1-rc.2
v5.3.1-rc.3
v5.3.1-rc.4
v6.*
v6.0.0
v6.0.0-rc.1
v6.0.0-rc.2
v6.1.0
v6.1.0-rc.1
v6.2.0
v6.2.0-rc.1
v6.2.1
v6.2.2
v7.*
v7.0.0
v7.0.0-rc.1
v7.1.0
v7.1.0-rc.1
v8.*
v8.0.0
v8.0.1
v8.0.1-rc.1
v8.1.0
v8.1.0-rc.1
v8.2.0
v8.2.0-rc.1
v8.3.0
v8.3.0-rc.1
v8.4.0
v8.4.0-rc.1
v8.4.1
v8.5.0
v8.5.0-rc.1
v9.*
v9.0.0
v9.0.0-rc.1
v9.0.1
v9.1.0
v9.1.0-rc.1
v9.10.0
v9.10.0-rc.1
v9.11.0
v9.11.0-rc.1
v9.2.0
v9.2.0-rc.1
v9.3.0
v9.3.0-rc.1
v9.4.0
v9.4.0-rc.1
v9.4.0-rc.2
v9.4.1
v9.5.0
v9.5.0-rc.1
v9.5.1
v9.6.0
v9.6.0-rc.1
v9.7.0
v9.7.0-rc.1
v9.8.0
v9.8.0-rc.1
v9.9.0
v9.9.0-rc.1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-44538.json"