VDB

GCVE-VVD-MAGEIA-2021-571

GCVE-VVD-MAGEIA-2021-571
Advisory Published
Vulnetix · Advisory published December 19, 2021
Updated olm packages fix security vulnerability: The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits (CVE-2021-44538).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaolm0 (affected), 3.2.1-1.1.mga8 (unaffected)

Aliases

CVE-2021-44538

Transitive aliases

OPENSUSE-SU-2024:11698-1EUVD-2021-31369OPENSUSE-SU-2022:0058-1SUSE-SU-2022:0058-1GHSA-q7f4-j236-f4hcGHSA-v2cr-gvw4-g56pVVD-CISA-2021-4126GSD-2021-4126VVD-MAGEIA-2021-584CVE-2021-4126BDU:2022-06100EUVD-2021-34000

References

Updated olm packages fix security vulnerability
advisory
Updated olm packages fix security vulnerability
issue
Updated olm packages fix security vulnerability
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›