CVSS: 9.8 • EPSS: 1% • CPEs: 10 • EXPL: 0

CVE-2021-44538 – Debian Security Advisory 5034-1
https://notcve.org/view.php?id=CVE-2021-44538
14 Dec 2021 — The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer sizes were undoc... • https://gitlab.matrix.org/matrix-org/olm/-/tags • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer