PT-2022-24843 · Unknown+10 · Matrix-Js-Sdk+10
Benjamin Dowling
+3
·
Published
2022-09-28
·
Updated
2025-09-29
·
CVE-2022-39250
CVSS v3.1
8.6
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Matrix JavaScript SDK versions prior to 19.7.0
Description
The issue is caused by a bug in the matrix-js-sdk: an attacker cooperating with a malicious homeserver could interfere with the verification flow between two users, injecting its own cross-signing user identity in place of one of the users' identities. This would lead to the other device trusting and verifying a user identity under the control of the homeserver instead of the intended one. The vulnerability is partly made possible by the design decision of treating cross-signing user identities as Matrix devices on the server side. No other examined implementations were vulnerable. Starting with version 19.7.0, the matrix-js-sdk double-checks that the key being signed is the one that was actually verified, instead of just referencing the key by ID. An additional check reports an error when a device ID matches a cross-signing key.
Recommendations
For versions prior to 19.7.0, update to version 19.7.0 or later to resolve the issue. As a temporary workaround, consider reviewing your device list or the device list of other users for devices with IDs in the form of a base64 cross-signing key (e.g., 5XaczGNlfz0bl8R1IX5qn+tBoue2tWJqLMh+SDUuvCk) instead of a classical device ID (e.g., SEHACYDHMG). If you trust your homeserver, no particular workaround is needed.
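As an added example (not matrix-js-sdk code and not from the advisory's authors), the JavaScript below automates the manual device-list review above and mirrors the two checks described for 19.7.0: flag any device whose ID is, or has the shape of, a cross-signing key, and refuse to sign a device unless the key under "ed25519:<deviceId>" is exactly the key the user verified. It runs over a constructed response laid out like a Matrix /keys/query reply; the user ID, the DEVICE_KEY value, the "ten uppercase letters" and "43-character base64" heuristics, and the function names are assumptions, while the base64 key and the device ID SEHACYDHMG are the values quoted in the Recommendations.

```javascript
// Added example, not matrix-js-sdk code. Two post-verification checks in the
// spirit of the 19.7.0 fix, run over a constructed /keys/query-style response.

// Heuristics (assumptions, not spec guarantees): homeserver-generated device IDs
// are ten uppercase letters; an unpadded base64 ed25519 public key is 43 chars.
const CLASSIC_DEVICE_ID = /^[A-Z]{10}$/;
const UNPADDED_B64_KEY = /^[A-Za-z0-9+/]{43}$/;

// Collect the base64 part of every cross-signing key ID ("ed25519:<b64>") a user has.
function crossSigningKeyIds(response, userId) {
  const ids = new Set();
  for (const section of ["master_keys", "self_signing_keys", "user_signing_keys"]) {
    const entry = response[section] && response[section][userId];
    if (!entry || !entry.keys) continue;
    for (const keyId of Object.keys(entry.keys)) {
      ids.add(keyId.slice(keyId.indexOf(":") + 1));
    }
  }
  return ids;
}

// Check 1: the workaround from the Recommendations, automated. Returns a list of
// { deviceId, reason } for devices that should not be there.
function auditDeviceList(response, userId) {
  const findings = [];
  const xsKeys = crossSigningKeyIds(response, userId);
  const devices = (response.device_keys && response.device_keys[userId]) || {};
  for (const deviceId of Object.keys(devices)) {
    if (xsKeys.has(deviceId)) {
      findings.push({ deviceId, reason: "device ID is one of this user's cross-signing keys" });
    } else if (UNPADDED_B64_KEY.test(deviceId) && !CLASSIC_DEVICE_ID.test(deviceId)) {
      findings.push({ deviceId, reason: "device ID has the shape of a base64 public key" });
    }
  }
  return findings;
}

// Check 2: the fix's double check. `verifiedEd25519` is the fingerprint the user
// actually compared during verification; sign only if the device record still
// carries exactly that key, and never if the device ID is a cross-signing key.
function keyToSign(response, userId, deviceId, verifiedEd25519) {
  const user = response.device_keys && response.device_keys[userId];
  const dev = user && user[deviceId];
  if (!dev || !dev.keys) throw new Error(`no device record for ${userId}/${deviceId}`);
  if (crossSigningKeyIds(response, userId).has(deviceId)) {
    throw new Error(`refusing to sign ${deviceId}: device ID matches a cross-signing key`);
  }
  const actual = dev.keys[`ed25519:${deviceId}`];
  if (actual !== verifiedEd25519) {
    throw new Error(`refusing to sign ${deviceId}: key ${actual} is not the verified key`);
  }
  return actual;
}

// Constructed sample data (assumed user ID and device key; the master key value
// and SEHACYDHMG are the examples quoted in the advisory).
const ALICE = "@alice:example.org";
const MASTER_KEY = "5XaczGNlfz0bl8R1IX5qn+tBoue2tWJqLMh+SDUuvCk";
const DEVICE_KEY = "NqOvzeb8lHBhxK1XY2Ye9GsFzkcC3EsoW1Yob0V4TPc";

const SAMPLE_RESPONSE = {
  device_keys: {
    [ALICE]: {
      SEHACYDHMG: {
        user_id: ALICE,
        device_id: "SEHACYDHMG",
        keys: { "ed25519:SEHACYDHMG": DEVICE_KEY },
      },
      // What a malicious homeserver would present: the master key as if it were a device.
      [MASTER_KEY]: {
        user_id: ALICE,
        device_id: MASTER_KEY,
        keys: { [`ed25519:${MASTER_KEY}`]: MASTER_KEY },
      },
    },
  },
  master_keys: {
    [ALICE]: { user_id: ALICE, usage: ["master"], keys: { [`ed25519:${MASTER_KEY}`]: MASTER_KEY } },
  },
  self_signing_keys: {},
  user_signing_keys: {},
};

console.log(auditDeviceList(SAMPLE_RESPONSE, ALICE));
console.log("signing", keyToSign(SAMPLE_RESPONSE, ALICE, "SEHACYDHMG", DEVICE_KEY));
```

The shape-based heuristic in auditDeviceList is deliberately secondary: clients may choose their own device IDs, so a non-classical ID is only suspicious, whereas a device ID that equals one of the user's published cross-signing keys is the exact condition the 19.7.0 check rejects.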
Improper Authentication
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu
Matrix-Js-Sdk