CVE-2024-40640 – Usage of non-constant time base64 decoder could lead to leakage of secret key material in vodozemac
https://notcve.org/view.php?id=CVE-2024-40640
vodozemac is an open source implementation of Olm and Megolm in pure Rust. Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and `PkDecryption` Ed25519 secret keys. Because the decoding and encoding operations on that key material take a data-dependent amount of time, an attacker able to observe the timing variations might infer some information about the underlying secret key material through a side-channel attack.
References: https://arxiv.org/abs/2108.04600 ; https://github.com/matrix-org/vodozemac/commit/734b6c6948d4b2bdee3dd8b4efa591d93a61d272 ; https://github.com/matrix-org/vodozemac/security/advisories/GHSA-j8cm-g7r6-hfpq
Weakness: CWE-208: Observable Timing Discrepancy
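An added example of the mitigation, written for this listing and not taken from vodozemac: a base64 decoder whose instruction sequence depends only on the (public) input length, never on the byte values being decoded. The names `in_range`, `decode_sextet` and `decode_ct` are my own.

```rust
/// 0xFF if lo <= c <= hi, else 0x00, computed with arithmetic instead of a branch.
fn in_range(c: u8, lo: u8, hi: u8) -> u8 {
    let c = c as i16;
    // Arithmetic right shift spreads the sign bit: -1 (0xFF) when negative, else 0.
    let below = ((c - lo as i16) >> 15) as u8; // 0xFF if c < lo
    let above = ((hi as i16 - c) >> 15) as u8; // 0xFF if c > hi
    !(below | above)
}

/// Map one byte of the standard "+/" alphabet to (value, valid_mask); valid_mask is
/// 0xFF for an alphabet byte. Every range is evaluated for every byte: no table lookup.
fn decode_sextet(c: u8) -> (u8, u8) {
    let upper = in_range(c, b'A', b'Z');
    let lower = in_range(c, b'a', b'z');
    let digit = in_range(c, b'0', b'9');
    let plus = in_range(c, b'+', b'+');
    let slash = in_range(c, b'/', b'/');
    let v = (upper & c.wrapping_sub(b'A'))
        | (lower & c.wrapping_sub(b'a').wrapping_add(26))
        | (digit & c.wrapping_sub(b'0').wrapping_add(52))
        | (plus & 62)
        | (slash & 63);
    (v, upper | lower | digit | plus | slash)
}

/// Decode base64 (padded or unpadded). Control flow depends only on the input length;
/// an invalid byte is reported after the whole input is processed, not at first sight.
fn decode_ct(input: &[u8]) -> Result<Vec<u8>, &'static str> {
    // Trailing '=' only encodes the length mod 3, so stripping it leaks nothing secret.
    let pad = input.iter().rev().take(2).take_while(|&&b| b == b'=').count();
    let body = &input[..input.len() - pad];
    if body.len() % 4 == 1 { return Err("invalid base64 length"); }
    let mut out = Vec::with_capacity(body.len() / 4 * 3 + 2);
    let mut valid = 0xFFu8;
    for chunk in body.chunks(4) {
        let mut acc: u32 = 0;
        for &c in chunk {
            let (v, ok) = decode_sextet(c);
            valid &= ok; // accumulate the verdict, never branch on it inside the loop
            acc = (acc << 6) | v as u32;
        }
        // n sextets carry 6n bits and yield n-1 bytes; left-align them in 24 bits.
        let n = chunk.len();
        acc <<= 6 * (4 - n);
        out.extend_from_slice(&acc.to_be_bytes()[1..n]);
    }
    if valid == 0xFF { Ok(out) } else { Err("invalid base64 character") }
}
```

Callers decoding key material should still zeroize the returned buffer after use; that is the separate concern described under CVE-2024-34063 below.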
CVE-2024-34063 – Degraded secret zeroization capabilities in vodozemac
https://notcve.org/view.php?id=CVE-2024-34063
vodozemac is an implementation of Olm and Megolm in pure Rust. Versions 0.5.0 and 0.5.1 of vodozemac have degraded secret zeroization capabilities, due to changes in third-party cryptographic dependencies (the Dalek crates), which moved secret zeroization behind a feature flag that defaults to off. The degraded zeroization could result in more in-memory copies of encryption secrets being produced, and in secrets lingering in memory longer than necessary. This marginally increases the risk of sensitive data exposure. This issue has been addressed in version 0.6.0 and users are advised to upgrade.
References: https://github.com/matrix-org/vodozemac/commit/297548cad4016ce448c4b5007c54db7ee39489d9 ; https://github.com/matrix-org/vodozemac/security/advisories/GHSA-c3hm-hxwf-g5c6
Weakness: CWE-1188: Initialization of a Resource with an Insecure Default