Showing 1 - 2 of 2

CVE-2021-44538

Status Candidate

Overview

The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. The known affected products are Element Web And SchildiChat Web.

Related Files

Ubuntu Security Notice USN-5248-1: Posted Jan 24, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5248-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, conduct header splitting attacks, conduct spoofing attacks, bypass security restrictions, confuse the user, or execute arbitrary code.; tags | advisory, denial of service, arbitrary, spoof; systems | linux, ubuntu; advisories | CVE-2021-29981, CVE-2021-29987, CVE-2021-29991, CVE-2021-38495, CVE-2021-38497, CVE-2021-38498, CVE-2021-38500, CVE-2021-38502, CVE-2021-38503, CVE-2021-38504, CVE-2021-38508, CVE-2021-38509, CVE-2021-4126, CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43541, CVE-2021-43542, CVE-2021-43656, CVE-2021-44538, CVE-2022-22737, CVE-2022-22740, CVE-2022-22741, CVE-2022-22745, CVE-2022-22747; SHA-256 | ee94116ff4e4b3081cc98a796565452f32b9979d45115195dba7be2d4510ee9a; Download | Favorite | View

Ubuntu Security Notice USN-5246-1: Posted Jan 21, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5246-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass security restrictions, or execute arbitrary code.; tags | advisory, denial of service, arbitrary, spoof; systems | linux, ubuntu; advisories | CVE-2021-4126, CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43541, CVE-2021-43542, CVE-2021-43546, CVE-2021-43656, CVE-2021-44538, CVE-2022-22737, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22751; SHA-256 | bb2e4c8ab0377f822fe6dea499ddee9a3c91b266aa305adc3d5390e4e6812690; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 227 files
Ubuntu 94 files
Gentoo 29 files
Debian 21 files
tmrswrr 9 files
Sina Kheirkhah 7 files
bRpsd 4 files
Amit Roy 4 files
nu11secur1ty 3 files
Jann Horn 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,075)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,529)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,299)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,236)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,642)
UNIX (9,424)
UnixWare (187)
Windows (6,665)
Other

CVE-2021-44538

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems