CVE-2022-39252

When matrix-rust-sdk recieves forwarded room keys, the reciever doesn't check if it requested the key from the forwarder

Description

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust, and matrix-sdk-crypto is the Matrix encryption library. Prior to version 0.6, when a user requests a room key from their devices, the software correctly remembers the request. When the user receives a forwarded room key, the software accepts it without checking who the room key came from. This allows homeservers to try to insert room keys of questionable validity, potentially mounting an impersonation attack. Version 0.6 fixes this issue.

References

Link	Tags
https://github.com/matrix-org/matrix-rust-sdk/security/advisories/GHSA-vp68-2wrm-69qm	third party advisory
https://github.com/matrix-org/matrix-rust-sdk/commit/093fb5d0aa21c0b5eaea6ec96b477f1075271cbb	third party advisory patch
https://github.com/matrix-org/matrix-rust-sdk/commit/41449d2cc360e347f5d4e1c154ec1e3185f11acd	third party advisory patch
https://github.com/matrix-org/matrix-rust-sdk/releases/tag/matrix-sdk-0.6.0	third party advisory release notes

Frequently Asked Questions

What is the severity of CVE-2022-39252?: CVE-2022-39252 has been scored as a high severity vulnerability.
How to fix CVE-2022-39252?: To fix CVE-2022-39252, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-39252 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2022-39252 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-39252?: CVE-2022-39252 affects matrix-org matrix-rust-sdk.

Description

Category

CWE-287 – Improper Authentication

References

Frequently Asked Questions