Kasak

**Name of the Vulnerable Software and Affected Versions** matrix-sdk-crypto version 0.7.0 matrix-sdk-crypto versions prior to 0.7.1 **Description** The issue concerns a logic bug in the matrix-sdk-crypto crate, which is part of the Matrix Rust SDK project. This bug causes the private part of the backup key pair to be logged to Rust debug logs using the `tracing` crate. The key backup is used for storing encrypted copies of Matrix message keys, facilitating key sharing between devices and providing a redundant copy in case devices are lost. It utilizes asymmetric cryptography with unique public-private key pairs for each server-side key backup. **Recommendations** For matrix-sdk-crypto version 0.7.0, update to version 0.7.1 to resolve the issue. As a temporary workaround, consider disabling the logging feature in the `tracing` crate until the update to version 0.7.1 is applied.

**Name of the Vulnerable Software and Affected Versions** matrix-sdk-crypto versions prior to 0.8.0 **Description** The issue concerns a lack of a dedicated mechanism to notify when a user's cryptographic identity changes from verified to unverified, potentially causing client applications to overlook such changes. This could lead to security issues if not properly addressed. The `VerificationLevel::VerificationViolation` enum variant, introduced in version 0.8.0, indicates that a previously verified identity has been changed. **Recommendations** For versions prior to 0.8.0, update to version 0.8.0 or later to include the new `VerificationLevel::VerificationViolation` enum variant, which provides the necessary notification mechanism for changes in a user's cryptographic identity.

**Name of the Vulnerable Software and Affected Versions** Synapse versions prior to 1.68.0 **Description** The issue occurs when Synapse and a malicious homeserver are both joined to the same room. The malicious homeserver can trick Synapse into accepting previously rejected events into its view of the current state of that room. This can be exploited in a way that causes all further messages and state changes sent in that room from the vulnerable homeserver to be rejected. Synapse homeservers are affected if they are joined to rooms with members of untrusted homeservers. **Recommendations** For Synapse versions prior to 1.68.0, upgrade to version 1.68.0 or higher to resolve the issue. As a temporary workaround, consider disabling federation by setting `federation domain whitelist` to an empty list (`[]`). This can help minimize the risk of exploitation until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Synapse versions up to and including 1.68.0 **Description** The Matrix Federation API in Synapse allows remote homeservers to request authorization events in a room, which is necessary for validating the legitimacy and permission of events. However, in affected versions, a Synapse homeserver does not sufficiently check if the requesting server should be able to access these events. This issue can be exploited when a malicious actor knows the ID of a target room and the ID of an event from that room. The issue is of negligible consequence for public rooms and deployments in a closed federation where all homeservers are trustworthy. **Recommendations** For Synapse versions up to and including 1.68.0, upgrade to Synapse 1.69.0 to resolve the issue. As a temporary workaround, consider configuring Synapse with a list of trusted servers using the `federation domain whitelist` to restrict access, but this is not practical for homeservers participating in open federation.

**Name of the Vulnerable Software and Affected Versions** matrix-js-sdk versions prior to 24.1.0 **Description** An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker will not appear to be participating in the call. This attack is possible because matrix-js-sdk's group call implementation accepts incoming direct calls from other users, even if they have not yet declared intent to participate in the group call, as a means of resolving a race condition in call setup. Affected versions do not restrict access to the user's outbound media in this case. Legacy 1:1 calls are unaffected. **Recommendations** For versions prior to 24.1.0, update to version 24.1.0 to resolve the issue. As a temporary workaround, users may hold group calls in private rooms where only the exact users who are expected to participate in the call are present.

**Name of the Vulnerable Software and Affected Versions** Element iOS versions prior to 1.9.7 **Description** The issue affects the Element iOS client, which is based on MatrixSDK. Prior to version 1.9.7, events encrypted using Megolm for which trust could not be established did not get decorated accordingly, allowing a malicious homeserver to inject messages into the room without the user being alerted. This could happen even if the user has previously verified all group members. **Recommendations** For versions prior to 1.9.7, update to version 1.9.7 to resolve the issue. As a temporary workaround, consider restricting access to unverified group members to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Synapse versions prior to 1.53.0 **Description** The issue arises when Synapse attempts to generate URL previews for media stream URLs without properly limiting connection time. Connections are only terminated after a certain amount of data (`max spider size`, default 10M) has been downloaded, potentially leading to long-lived connections and excessive traffic towards streaming media servers like Icecast. This can occur if a stream URL is posted to a large room with many Synapse instances that have URL preview enabled. Version 1.52.0 introduces a timeout mechanism to terminate URL preview connections after 30 seconds, and version 1.53.0 further implements an allow list for content types to attempt URL previews. **Recommendations** To fully resolve the issue, upgrade to version 1.53.0. As a temporary workaround, turn off URL preview functionality by setting `url preview enabled: false` in the Synapse configuration file.