First published: Tue Nov 24 2020(Updated: )
Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into the room's state, the impact is long-lasting and is not fixed by an upgrade to a newer version, requiring the event to be manually redacted instead. Since events are replicated to servers of other room members, the impact is not constrained to the server of the event sender.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Matrix Synapse | <1.20.0 | |
Fedoraproject Fedora | =32 | |
Fedoraproject Fedora | =33 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-26890.
The severity of CVE-2020-26890 is high, with a severity value of 7.5.
Matrix Synapse versions up to 1.20.0, Fedora versions 32 and 33 are affected by CVE-2020-26890.
CVE-2020-26890 allows remote attackers to execute a denial of service attack against the federation and common Matrix clients.
To fix CVE-2020-26890, it is recommended to upgrade to Matrix Synapse version 1.20.0 or later.