CVE-2021-34813

Name of the Vulnerable Software and Affected Versions Matrix libolm versions prior to 3.2.3

Description The issue is related to a stack-based buffer overflow in the olm pk decrypt function, which can be triggered by a malicious Matrix homeserver. This could potentially allow remote code execution in nonstandard build configurations. The vulnerability is also described as a buffer overflow issue in the Double Ratchet Libolm implementation, which could enable a remote attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations For Matrix libolm versions prior to 3.2.3, update to version 3.2.3 or later to resolve the issue. As a temporary workaround, consider restricting interactions with potentially malicious Matrix homeservers to minimize the risk of exploitation.