CVE-2021-44538

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-44538
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-44538.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-44538
Downstream
Related
Published
2021-12-14T14:15:09Z
Modified
2025-11-09T15:06:22.280873Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olmsessiondescribe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. The known affected products are Element Web And SchildiChat Web.

References

Affected packages

Git

github.com/vector-im/element-web

Affected ranges

Type
GIT
Repo
https://github.com/vector-im/element-web
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
eae38311b24da6801366780fe889aafe2d892e9f

Affected versions

v0.*

v0.1.2
v0.10.0
v0.10.0-rc.2
v0.10.1
v0.10.2
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.1
v0.11.2
v0.11.2-rc.1
v0.11.2-rc.2
v0.11.3
v0.11.4
v0.12.0-rc.1
v0.12.1
v0.12.1-rc.1
v0.12.2
v0.12.3
v0.12.3-rc.1
v0.12.3-rc.2
v0.12.3-rc.3
v0.12.4
v0.12.4-rc.1
v0.12.5
v0.12.6
v0.12.7
v0.12.7-rc.1
v0.12.7-rc.2
v0.12.7-rc.3
v0.13.0
v0.13.0-rc.1
v0.13.0-rc.2
v0.13.0-rc.3
v0.13.1
v0.13.2
v0.13.3
v0.13.4
v0.13.5
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.1
v0.14.2
v0.14.2-rc.1
v0.14.2-rc.2
v0.14.2-rc.3
v0.14.3-rc.1
v0.15.0
v0.15.0-rc.1
v0.15.0-rc.2
v0.15.0-rc.3
v0.15.0-rc.4
v0.15.0-rc.5
v0.15.0-rc.6
v0.15.1
v0.15.2
v0.15.3
v0.15.4
v0.15.4-rc.1
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.6-rc.1
v0.15.6-rc.2
v0.15.7
v0.15.7-rc.1
v0.15.7-rc.2
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.1-rc.1
v0.16.2
v0.16.3
v0.16.3-rc.1
v0.16.3-rc.2
v0.16.4
v0.16.4-rc.1
v0.16.5
v0.16.5-rc.1
v0.16.6
v0.17.0
v0.17.0-rc.1
v0.17.1
v0.17.2
v0.17.3
v0.17.3-rc.1
v0.17.4
v0.17.5
v0.17.6
v0.17.6-rc.1
v0.17.6-rc.2
v0.17.7
v0.17.8
v0.17.8-rc.1
v0.17.9
v0.17.9-rc.1
v0.3.0
v0.4.0
v0.4.1
v0.5.0
v0.6.0
v0.6.1
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.4-r1
v0.7.5
v0.7.5-r1
v0.7.5-r2
v0.7.5-r3
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.9.10
v0.9.10-rc.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
v0.9.6-rc.1
v0.9.7
v0.9.7-rc.1
v0.9.7-rc.2
v0.9.7-rc.3
v0.9.8
v0.9.8-rc.1
v0.9.8-rc.2
v0.9.8-rc.3
v0.9.9
v0.9.9-rc.1
v0.9.9-rc.2

v1.*

v1.0.0
v1.0.0-rc.1
v1.0.0-rc.2
v1.0.1
v1.0.2
v1.0.2-rc.1
v1.0.2-rc.2
v1.0.2-rc.3
v1.0.3
v1.0.4
v1.0.4-rc.1
v1.0.5
v1.0.6
v1.0.6-rc.1
v1.0.7
v1.0.8
v1.1.0
v1.1.0-rc.1
v1.1.1
v1.1.2
v1.2.0
v1.2.0-rc.1
v1.2.1
v1.2.2
v1.2.2-rc.1
v1.2.2-rc.2
v1.2.3
v1.2.3-rc.1
v1.2.4
v1.3.0
v1.3.0-rc.1
v1.3.0-rc.2
v1.3.0-rc.3
v1.3.1
v1.3.1-rc.1
v1.3.2
v1.3.3
v1.3.4
v1.3.4-rc.1
v1.3.5
v1.3.5-rc.1
v1.3.5-rc.2
v1.3.5-rc.3
v1.3.6
v1.4.0
v1.4.0-rc.1
v1.4.0-rc.2
v1.4.1
v1.4.2
v1.4.2-rc.1
v1.5.0
v1.5.0-rc.1
v1.5.1
v1.5.1-rc.1
v1.5.1-rc.2
v1.5.10
v1.5.11
v1.5.11-rc.1
v1.5.12
v1.5.13
v1.5.13-rc.1
v1.5.14
v1.5.14-rc.1
v1.5.15
v1.5.16-rc.1
v1.5.2
v1.5.3
v1.5.4
v1.5.4-rc.1
v1.5.4-rc.2
v1.5.5
v1.5.6
v1.5.6-rc.1
v1.5.7
v1.5.7-rc.1
v1.5.7-rc.2
v1.5.8
v1.5.8-rc.1
v1.5.8-rc.2
v1.5.9
v1.5.9-rc.1
v1.6.0
v1.6.0-rc.1
v1.6.0-rc.2
v1.6.0-rc.3
v1.6.0-rc.4
v1.6.0-rc.5
v1.6.0-rc.6
v1.6.1
v1.6.1-rc.1
v1.6.2
v1.6.3
v1.6.3-rc.1
v1.6.4
v1.6.5
v1.6.6
v1.6.6-rc.1
v1.6.7
v1.6.8
v1.6.8-rc.1
v1.7.0
v1.7.1
v1.7.10
v1.7.11
v1.7.11-rc.1
v1.7.12
v1.7.13
v1.7.13-rc.1
v1.7.14
v1.7.14-rc.1
v1.7.15
v1.7.15-rc.1
v1.7.16
v1.7.16-rc.1
v1.7.17
v1.7.17-rc.1
v1.7.18
v1.7.19
v1.7.19-rc.1
v1.7.2
v1.7.20
v1.7.21
v1.7.21-rc.1
v1.7.22
v1.7.22-rc.1
v1.7.23
v1.7.23-rc.1
v1.7.24
v1.7.24-rc.1
v1.7.25
v1.7.25-rc.1
v1.7.26
v1.7.26-rc.1
v1.7.27
v1.7.27-rc.1
v1.7.28
v1.7.28-rc.1
v1.7.29
v1.7.29-rc.1
v1.7.3
v1.7.3-rc.1
v1.7.30
v1.7.30-rc.1
v1.7.31
v1.7.31-rc.1
v1.7.32
v1.7.32-rc.1
v1.7.33
v1.7.33-rc.1
v1.7.34
v1.7.34-rc.1
v1.7.4
v1.7.4-rc.1
v1.7.5
v1.7.5-rc.1
v1.7.6
v1.7.6-rc.1
v1.7.7
v1.7.8
v1.7.8-rc.1
v1.7.9
v1.7.9-rc.1
v1.8.0
v1.8.0-rc.1
v1.8.1
v1.8.2
v1.8.2-rc.1
v1.8.2-rc.2
v1.8.2-rc.3
v1.8.3-rc.1
v1.8.3-rc.2
v1.8.4
v1.8.5
v1.8.6-rc.1
v1.8.6-rc.2
v1.9.0
v1.9.1
v1.9.1-rc.1
v1.9.1-rc.2
v1.9.2
v1.9.3
v1.9.3-rc.1
v1.9.3-rc.2
v1.9.3-rc.3
v1.9.4
v1.9.4-rc.1
v1.9.5
v1.9.5-rc.1
v1.9.6
v1.9.6-rc.2

gitlab.matrix.org/matrix-org/olm

Affected ranges

Type
GIT
Repo
https://gitlab.matrix.org/matrix-org/olm
Events
Introduced
6753595300767dd70150831dbbe6f92d64e75038
Fixed
797183f27f1c8cdb9d4551aaa317bd13ff02401b

Affected versions

3.*

3.1.4
3.1.5
3.2.0
3.2.1
3.2.2
3.2.3
3.2.4
3.2.5
3.2.6
3.2.7

github.com/ajbura/cinny

Affected ranges

Type
GIT
Repo
https://github.com/ajbura/cinny
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5d380453a4a85728d89b28428600cdc7bfc451e4

Affected versions

v1.*

v1.0.0
v1.1.0
v1.2.0
v1.2.1
v1.3.0
v1.3.1
v1.5.0
v1.5.1

github.com/matrix-org/matrix-js-sdk

Affected ranges

Type
GIT
Repo
https://github.com/matrix-org/matrix-js-sdk
Events
Introduced
c874783742f17921830aa274106d65e3e8af903c
Fixed
f4839a3b4f1877111b2e0360a1b3b0dd2047193e

Affected versions

v10.*

v10.0.0
v10.0.0-rc.1
v10.1.0
v10.1.0-rc.1

v11.*

v11.0.0
v11.0.0-rc.1
v11.1.0
v11.1.0-rc.1
v11.2.0
v11.2.0-rc.1

v12.*

v12.0.0
v12.0.0-rc.1
v12.0.1
v12.0.1-rc.1
v12.1.0
v12.1.0-rc.1
v12.2.0
v12.2.0-rc.1
v12.3.0
v12.3.0-rc.1
v12.3.0-rc.2
v12.3.1
v12.4.0
v12.4.0-rc.1
v12.4.1
v12.5.0
v12.5.0-rc.1

v13.*

v13.0.0
v13.0.0-rc.1

v14.*

v14.0.0
v14.0.0-rc.1
v14.0.0-rc.2
v14.0.1

v15.*

v15.0.0
v15.0.0-rc.1
v15.1.0
v15.1.0-rc.1
v15.1.1
v15.1.1-rc.1
v15.2.0
v15.2.0-rc.1

v2.*

v2.4.2
v2.4.3
v2.4.3-rc.1
v2.4.4
v2.4.4-rc.1
v2.4.5
v2.4.6
v2.4.6-rc.1

v3.*

v3.0.0
v3.0.0-rc.1

v4.*

v4.0.0
v4.0.0-rc.1

v5.*

v5.0.0
v5.0.0-rc.1
v5.0.1
v5.1.0
v5.1.0-rc.1
v5.1.1
v5.1.1-rc.1
v5.2.0
v5.2.0-rc.1
v5.3.0-rc.1
v5.3.1-rc.1
v5.3.1-rc.2
v5.3.1-rc.3
v5.3.1-rc.4

v6.*

v6.0.0
v6.0.0-rc.1
v6.0.0-rc.2
v6.1.0
v6.1.0-rc.1
v6.2.0
v6.2.0-rc.1
v6.2.1
v6.2.2

v7.*

v7.0.0
v7.0.0-rc.1
v7.1.0
v7.1.0-rc.1

v8.*

v8.0.0
v8.0.1
v8.0.1-rc.1
v8.1.0
v8.1.0-rc.1
v8.2.0
v8.2.0-rc.1
v8.3.0
v8.3.0-rc.1
v8.4.0
v8.4.0-rc.1
v8.4.1
v8.5.0
v8.5.0-rc.1

v9.*

v9.0.0
v9.0.0-rc.1
v9.0.1
v9.1.0
v9.1.0-rc.1
v9.10.0
v9.10.0-rc.1
v9.11.0
v9.11.0-rc.1
v9.2.0
v9.2.0-rc.1
v9.3.0
v9.3.0-rc.1
v9.4.0
v9.4.0-rc.1
v9.4.0-rc.2
v9.4.1
v9.5.0
v9.5.0-rc.1
v9.5.1
v9.6.0
v9.6.0-rc.1
v9.7.0
v9.7.0-rc.1
v9.8.0
v9.8.0-rc.1
v9.9.0
v9.9.0-rc.1

github.com/schildichat/schildichat-desktop

Affected ranges

Type
GIT
Repo
https://github.com/schildichat/schildichat-desktop
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5aaedf0f19ba337fcc837955eb6171f7c6ebc311

Affected versions

v1.*

v1.7.12
v1.7.13
v1.7.14
v1.7.15
v1.7.16
v1.7.17-sc1
v1.7.20-sc1
v1.7.22-sc1
v1.7.24-sc1
v1.7.29-sc1
v1.7.32-sc1
v1.7.8
v1.8.4-sc1
v1.8.5-sc1
v1.9.0-sc.1
v1.9.5-sc.2

github.com/vector-im/element-desktop

Affected ranges

Type
GIT
Repo
https://github.com/vector-im/element-desktop
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6e28c141abfb688d8d5ec8dca8a5033098f6da76

Affected versions

v1.*

v1.6.0
v1.6.0-rc.1
v1.6.0-rc.2
v1.6.0-rc.3
v1.6.0-rc.4
v1.6.0-rc.5
v1.6.0-rc.6
v1.6.1
v1.6.1-rc.1
v1.6.2
v1.6.3
v1.6.3-rc.1
v1.6.4
v1.6.5
v1.6.6
v1.6.6-rc.1
v1.6.7
v1.6.8
v1.6.8-rc.1
v1.7.0
v1.7.1
v1.7.10
v1.7.11
v1.7.11-rc.1
v1.7.12
v1.7.13
v1.7.13-rc.1
v1.7.14
v1.7.14-rc.1
v1.7.15
v1.7.15-rc.1
v1.7.16
v1.7.16-rc.1
v1.7.17
v1.7.17-rc.1
v1.7.18
v1.7.19
v1.7.19-rc.1
v1.7.2
v1.7.20
v1.7.21
v1.7.21-rc.1
v1.7.22
v1.7.22-rc.1
v1.7.23
v1.7.23-rc.1
v1.7.24
v1.7.24-rc.1
v1.7.25
v1.7.25-rc.1
v1.7.26
v1.7.26-rc.1
v1.7.27
v1.7.27-rc.1
v1.7.28
v1.7.28-rc.1
v1.7.29
v1.7.29-rc.1
v1.7.3
v1.7.3-rc.1
v1.7.30
v1.7.30-rc.1
v1.7.31
v1.7.31-rc.1
v1.7.32
v1.7.33
v1.7.34
v1.7.4
v1.7.4-rc.1
v1.7.5
v1.7.5-rc.1
v1.7.6
v1.7.6-rc.1
v1.7.7
v1.7.8
v1.7.8-rc.1
v1.7.9
v1.7.9-rc.1
v1.8.0
v1.8.1
v1.8.2
v1.8.4
v1.8.5
v1.9.0
v1.9.1
v1.9.2
v1.9.3
v1.9.4
v1.9.5
v1.9.6