Matrix is vulnerable to denial of service and injection. An attacker may inject a crafted event into a room by specifying a different room ID in the path of a /send_join, /send_leave, /invite or /exchange_third_party_invite request, leading to a denial of service in which future events will not be correctly sent to other servers over federation.
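The consistency check this class of bug calls for, as an added example (not Synapse's code and not taken from the linked commit): the receiving server rejects a request whose path room ID differs from the room ID in the event. The names `room_id_for_request`, `RoomMismatch` and `is_rejected` are hypothetical, the sample requests are constructed, and the body layout (event at top level, or nested under `event`) is an assumption.

```python
import re
from urllib.parse import unquote

# Federation endpoints named in the advisory; path layout follows the Matrix
# server-server API (v1 or v2 prefix, room ID as the first path argument).
_ROUTE = re.compile(
    r"^/_matrix/federation/v[12]/"
    r"(send_join|send_leave|invite|exchange_third_party_invite)"
    r"/([^/]+)(?:/([^/]+))?$"
)

class RoomMismatch(Exception):
    """Path and event body disagree about which room the event belongs to."""

def room_id_for_request(path: str, body: dict) -> str:
    """Return the room ID to process, or raise if path and event differ."""
    m = _ROUTE.match(path)
    if m is None:
        raise ValueError("not one of the affected federation endpoints")
    path_room = unquote(m.group(2))  # room IDs arrive percent-encoded
    # Assumption: the event is the body itself, or nested under "event".
    nested = body.get("event")
    event = nested if isinstance(nested, dict) else body
    event_room = event.get("room_id")
    # Reject before any state is touched: a missing or non-string room_id
    # is treated the same as a mismatch.
    if not isinstance(event_room, str) or event_room != path_room:
        raise RoomMismatch(f"path room {path_room!r} != event room {event_room!r}")
    return path_room

def is_rejected(path: str, body: dict) -> bool:
    try:
        room_id_for_request(path, body)
        return False
    except RoomMismatch:
        return True

# Constructed sample requests (not captured traffic).
PATH = "/_matrix/federation/v1/send_join/%21abc%3Aa.example/%24ev1"
MATCHING = {"type": "m.room.member", "room_id": "!abc:a.example"}
MISMATCHED = {"type": "m.room.member", "room_id": "!other:b.example"}

if __name__ == "__main__":
    print("matching accepted:", not is_rejected(PATH, MATCHING))
    print("mismatch rejected:", is_rejected(PATH, MISMATCHED))
```
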
github.com/advisories/GHSA-hxmp-pqch-c8mm
github.com/matrix-org/synapse/blob/develop/CHANGES.md#synapse-1231-2020-12-09
github.com/matrix-org/synapse/commit/3ce2f303f15f6ac3dc352298972dc6e04d9b7a8b
github.com/matrix-org/synapse/pull/8776
github.com/matrix-org/synapse/security/advisories/GHSA-hxmp-pqch-c8mm
lists.fedoraproject.org/archives/list/[email protected]/message/DBTIU3ZNBFWZ56V4X7JIAD33V5H2GOMC/
lists.fedoraproject.org/archives/list/[email protected]/message/QR4MMYZKX5N5GYGH4H5LBUUC5TLAFHI7/