libolm

Link	package \| bugs open \| bugs closed \| Wiki \| GitHub \| web search
Description	Implementation of the Olm and Megolm cryptographic ratchets
Version	3.2.16-2 [extra-testing] 3.2.16-1 [extra]

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-2638	3.2.7-2	3.2.8-1	Medium	Fixed
AVG-2077	3.2.2-1	3.2.3-1	Low	Fixed

Issue	Group	Severity	Remote	Type	Description
CVE-2021-44538	AVG-2638	Medium	Yes	Arbitrary code execution	The olm_session_describe function in Matrix libolm before version 3.2.8 is vulnerable to a buffer overflow. The Olm session object represents a...
CVE-2021-34813	AVG-2077	Low	Yes	Denial of service	Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to retrieve an Olm encrypted room key backup from...

Issue

Group

Severity

Remote

Type

Description

CVE-2021-44538

AVG-2638

Medium

Yes

Arbitrary code execution

The olm_session_describe function in Matrix libolm before version 3.2.8 is vulnerable to a buffer overflow. The Olm session object represents a...

CVE-2021-34813

AVG-2077

Low

Yes

Denial of service

Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to retrieve an Olm encrypted room key backup from...