An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:NMatrix Olm
APPMatrix≤ 3.2.16
Powiązane podatności
The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm se...
Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to r...
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 w...
An issue was discovered in Matrix libolm through 3.2.16. There is Ed25519 signature malleability due to lack o...
Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5.6, if configured to ...