← voltar
CVE-2020-26257

Denial of service attack via incorrect parameters to federation APIs

CVSS 6.5 MEDIUMEPSS 2.4%CWE-400CWE-79
Em resumo

Um servidor malicioso pode enviar dados inválidos para um servidor Matrix informando identificadores de sala incorretos nas requisições de federação, fazendo com que o servidor deixe de entregar mensagens corretamente aos outros servidores da rede.

Detalhe técnico

A vulnerabilidade está nos endpoints de federação do Synapse (/send_join, /send_leave, /invite, /exchange_third_party_invite) que não validam se o ID da sala no caminho da requisição corresponde ao ID da sala no evento, permitindo que um atacante injete eventos em salas não intencionadas e interrompa o roteamento de mensagens de federação.

Resumo gerado e traduzido por IA a partir da descrição oficial.
Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix. A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id in the path of a `/send_join`, `/send_leave`, `/invite` or `/exchange_third_party_invite` request. This can lead to a denial of service in which future events will not be correctly sent to other servers over federation. This affects any server which accepts federation requests from untrusted servers. The Matrix Synapse reference implementation before version 1.23.1 the implementation is vulnerable to this injection attack. Issue is fixed in version 1.23.1. As a workaround homeserver administrators could limit access to the federation API to trusted servers (for example via `federation_domain_whitelist`).
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
matrix-org · synapse

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/matrix-org/synapse/blob/develop/CHANGES.md#synapse-1231-2020-12-09https://github.com/matrix-org/synapse/commit/3ce2f303f15f6ac3dc352298972dc6e04d9b7a8bhttps://github.com/matrix-org/synapse/pull/8776https://github.com/matrix-org/synapse/security/advisories/GHSA-hxmp-pqch-c8mmhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DBTIU3ZNBFWZ56V4X7JIAD33V5H2GOMC/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QR4MMYZKX5N5GYGH4H5LBUUC5TLAFHI7/