Lucene search
GoogleOSV:CVE-2021-40824HistorySep 13, 2021 - 7:15 p.m.
CVE-2021-40824
2021-09-1319:15:19
Google
osv.dev
6
logic error
room key sharing
element android
matrix android
encryption keys
matrix homeserver
crafted messages
end-to-end encryption
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 (aka Matrix SDK for Android) before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. This allows the attacker to decrypt end-to-end encrypted messages sent by affected clients.
Related
osv
osv
Logic error in Matrix SDK for Android
2022-05-24 19:14:16
cvelist
cvelist
CVE-2021-40824
2021-09-13 18:49:28
nvd
nvd
CVE-2021-40824
2021-09-13 19:15:19
prion
prion
Code injection
2021-09-13 19:15:00
github
github
Logic error in Matrix SDK for Android
2022-05-24 19:14:16
cve
cve
CVE-2021-40824
2021-09-13 19:15:19
alpinelinux
alpinelinux
CVE-2021-40824
2021-09-13 19:15:19
nessus
nessus
freebsd
freebsd
Matrix clients -- several vulnerabilities
2021-08-23 00:00:00