CVE-2020-26257: Denial of service attack via incorrect parameters in Matrix Synapse
A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id in the path of a /send_join, /send_leave, /invite or /exchange_third_party_invite request.
This can lead to a denial of service in which future events will not be correctly sent to other servers over federation.
This affects any server which accepts federation requests from untrusted servers.
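The core of the fix is a consistency check: the room id in the request path must equal the room_id carried in the event body before the event is accepted. The following is an added illustration of that check, not Synapse's own code; the path shapes follow the Matrix federation API (the v1 prefix and the exact route layout are assumed), and the sample requests are constructed.

```python
import re

# Federation endpoints named in the advisory, with a regex capturing the
# room id from the request path (path shapes assumed from the Matrix spec).
_ROUTES = {
    "send_join": re.compile(r"^/_matrix/federation/v1/send_join/([^/]+)/([^/]+)$"),
    "send_leave": re.compile(r"^/_matrix/federation/v1/send_leave/([^/]+)/([^/]+)$"),
    "invite": re.compile(r"^/_matrix/federation/v1/invite/([^/]+)/([^/]+)$"),
    "exchange_third_party_invite": re.compile(
        r"^/_matrix/federation/v1/exchange_third_party_invite/([^/]+)$"
    ),
}


class RoomIdMismatch(ValueError):
    """Raised when the event body names a different room than the path."""


def check_path_matches_event(path: str, event: dict) -> str:
    """Return the endpoint name if the path and event agree on the room id.

    Raises RoomIdMismatch when the body's room_id differs from the path, or
    when the path is not one of the endpoints covered by this check.
    """
    for name, pattern in _ROUTES.items():
        match = pattern.match(path)
        if match:
            break
    else:
        raise RoomIdMismatch(f"unrecognised federation path: {path!r}")

    path_room_id = match.group(1)
    body_room_id = event.get("room_id")
    if body_room_id != path_room_id:
        # This is the condition the advisory describes: a remote server sends
        # an event for room B via the path for room A. Reject rather than store.
        raise RoomIdMismatch(
            f"{name}: body room_id {body_room_id!r} != path room id {path_room_id!r}"
        )
    return name


# Constructed sample requests for illustration only.
GOOD_PATH = "/_matrix/federation/v1/send_join/!room:example.org/$evt1"
GOOD_EVENT = {"room_id": "!room:example.org", "type": "m.room.member"}
BAD_EVENT = {"room_id": "!other:example.org", "type": "m.room.member"}
```

A server applying this check returns a client error for the mismatched request instead of persisting an event whose room_id disagrees with the room it was delivered to.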
References
- github.com/advisories/GHSA-hxmp-pqch-c8mm
- github.com/matrix-org/synapse/blob/develop/CHANGES.md
- github.com/matrix-org/synapse/commit/3ce2f303f15f6ac3dc352298972dc6e04d9b7a8b
- github.com/matrix-org/synapse/pull/8776
- github.com/matrix-org/synapse/security/advisories/GHSA-hxmp-pqch-c8mm
- github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2020-236.yaml
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DBTIU3ZNBFWZ56V4X7JIAD33V5H2GOMC
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QR4MMYZKX5N5GYGH4H5LBUUC5TLAFHI7
- nvd.nist.gov/vuln/detail/CVE-2020-26257