CVE-2021-40823

Published on: 09/13/2021 12:00:00 AM UTC

Last Modified on: 09/24/2021 05:27:00 PM UTC

CVE-2021-40823

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Certain versions of Javascript Sdk from Matrix contain the following vulnerability:

A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. This allows the homeserver to decrypt end-to-end encrypted messages sent by affected clients.

CVE-2021-40823 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 5.9 - MEDIUM

Attack Vector ^ⓘ	Attack Complexity	Privileges Required	User Interaction
NETWORK	HIGH	NONE	NONE
Scope	Confidentiality Impact	Integrity Impact	Availability Impact
UNCHANGED	HIGH	NONE	NONE

CVSS2 Score: 4.3 - MEDIUM

Access Vector^ⓘ	Access Complexity	Authentication
NETWORK	MEDIUM	NONE
Confidentiality Impact	Integrity Impact	Availability Impact
PARTIAL	NONE	NONE

CVE References

Description	Tags ^ⓘ	Link
Disclosing CVE-2021-40823 and CVE-2021-40824: E2EE vulnerability in multiple Matrix clients \| Matrix.org	matrix.org text/html	MISC matrix.org/blog/2021/09/13/vulnerability-disclosure-key-sharing
Release v12.4.1 · matrix-org/matrix-js-sdk · GitHub	github.com text/html	MISC github.com/matrix-org/matrix-js-sdk/releases/tag/v12.4.1

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Related QID Numbers

501918 Alpine Linux Security Update for riot-web
690038 Free Berkeley Software Distribution (FreeBSD) Security Update for matrix clients (93eb0e48-14ba-11ec-875e-901b0e9408dc)
980380 Nodejs (npm) Security Update for matrix-js-sdk (GHSA-23cm-x6j7-6hq3)

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Matrix	Javascript Sdk	All	All	All	All

cpe:2.3:a:matrix:javascript_sdk:*:*:*:*:*:*:*:*:

No vendor comments have been submitted for this CVE

Social Mentions

Source	Title	Posted (UTC)
@Sami_Lehtinen	Disclosing CVE-2021-40823 and CVE-2021-40824: E2EE vulnerability in multiple Matrix clients matrix.org/blog/2021/09/1…… twitter.com/i/web/status/1…	2021-09-13 15:46:19
@_Spacegeek	"Disclosing CVE-2021-40823 and CVE-2021-40824: E2EE vulnerability in multiple Matrix clients" matrix.org/blog/2021/09/1… #Matrix	2021-09-13 16:08:05
@campuscodi	Disclosing CVE-2021-40823 and CVE-2021-40824: E2EE vulnerability in multiple Matrix clients matrix.org/blog/2021/09/1… https://t.co/OdOS9yxtnM	2021-09-13 17:28:03
@CVEreport	CVE-2021-40823 : A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK b… twitter.com/i/web/status/1…	2021-09-13 19:07:44
@schestowitz	Disclosing CVE-2021-40823 and CVE-2021-40824: E2EE vulnerability in multiple Matrix clients… twitter.com/i/web/status/1…	2021-09-13 20:42:37