First published: Thu Apr 15 2021
### Impact

Sydent does not limit the size of requests it receives from HTTP clients. A malicious user could send an HTTP request with a very large body, leading to memory exhaustion and denial of service.

Sydent also does not limit the size of responses to the requests it makes to remote Matrix homeservers. A malicious homeserver could return a very large response, again leading to memory exhaustion and denial of service.

This affects any Sydent server which accepts registration requests from untrusted clients.

### Patches

Patched by commits 89071a1, 0523511 and f56eee3, included in Sydent 2.3.0.

### Workarounds

Request sizes can be limited in an HTTP reverse proxy placed in front of Sydent (for example, nginx's `client_max_body_size` directive). There are no known workarounds for the problem with overlarge responses from remote homeservers; upgrading is the only fix for that part.

### For more information

If you have any questions or comments about this advisory, email us at security@matrix.org.
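The missing check, as an added example that is not Sydent's code or its patch: a byte cap enforced on the data actually received, covering both the inbound client request bodies and the outbound homeserver responses the advisory describes. The cap values and the names `BodyTooLarge`, `read_bounded`, `read_request_body` and `read_remote_response` are chosen for this example; the `urllib.request.urlopen` usage named in a docstring is assumed and not exercised offline.

```python
"""Bounded HTTP body reading, the class of check whose absence is CVE-2021-29430.

Added illustration only; this is not Sydent's code or its patch. Caps and names
(MAX_REQUEST_BODY, MAX_REMOTE_RESPONSE, BodyTooLarge) are chosen for the example.
"""
import io
from typing import Mapping, Optional

MAX_REQUEST_BODY = 64 * 1024        # cap for bodies sent by untrusted clients (hypothetical)
MAX_REMOTE_RESPONSE = 1024 * 1024   # cap for responses from remote homeservers (hypothetical)
CHUNK_SIZE = 8 * 1024


class BodyTooLarge(Exception):
    """Raised once a body exceeds its cap; a server maps it to HTTP 413,
    a client discards the response."""


def check_declared_length(headers: Mapping[str, str], cap: int) -> Optional[int]:
    """Cheap pre-check on Content-Length so an honest oversized body is refused
    before any of it is read. Returns the declared length, or None when the
    header is absent (e.g. chunked transfer). The peer controls this header,
    so it must never be the only check."""
    raw = headers.get("Content-Length")
    if raw is None:
        return None
    try:
        length = int(raw)
    except ValueError:
        raise BodyTooLarge("unparseable Content-Length %r" % raw) from None
    if length < 0 or length > cap:
        raise BodyTooLarge("declared %d bytes, cap is %d" % (length, cap))
    return length


def read_bounded(stream, cap: int) -> bytes:
    """Read from a file-like object, failing as soon as more than `cap` bytes
    arrive. Never holds more than cap + 1 bytes, whatever the peer sends."""
    buf = bytearray()
    while len(buf) <= cap:
        # Ask for at most one byte past the cap: enough to detect overflow,
        # never enough to let the peer dictate our memory use.
        data = stream.read(min(CHUNK_SIZE, cap + 1 - len(buf)))
        if not data:
            return bytes(buf)
        buf += data
    raise BodyTooLarge("body exceeded cap of %d bytes" % cap)


def read_request_body(headers: Mapping[str, str], rfile, cap: int = MAX_REQUEST_BODY) -> bytes:
    """Inbound side: body of a client request, with `rfile` the connection's
    read stream (as in http.server). Chunk decoding, where used, would sit
    inside the same cap."""
    declared = check_declared_length(headers, cap)
    if declared is not None:
        return rfile.read(declared)  # declared <= cap was verified above
    return read_bounded(rfile, cap)


def read_remote_response(resp, cap: int = MAX_REMOTE_RESPONSE) -> bytes:
    """Outbound side: response from a remote homeserver. `resp` is anything with
    .read(n) and an optional .headers mapping, e.g. what urllib.request.urlopen
    returns (that usage is assumed, not exercised offline here)."""
    headers = getattr(resp, "headers", None) or {}
    check_declared_length(headers, cap)  # early refusal when the server is honest
    return read_bounded(resp, cap)       # enforced on the bytes actually received


def _outcome(fn) -> str:
    try:
        fn()
        return "accepted"
    except BodyTooLarge:
        return "rejected"


def demo() -> dict:
    """Run the checks over constructed inputs (not captured traffic)."""

    class FakeResponse(io.BytesIO):  # remote homeserver that lies about its length
        headers = {"Content-Length": "10"}

    return {
        "small_request": read_request_body({"Content-Length": "5"}, io.BytesIO(b"hello")) == b"hello",
        "declared_too_large": _outcome(lambda: read_request_body(
            {"Content-Length": str(MAX_REQUEST_BODY + 1)}, io.BytesIO(b""))),
        "undeclared_flood": _outcome(lambda: read_request_body(
            {}, io.BytesIO(b"A" * (MAX_REQUEST_BODY + 1)))),
        "lying_remote": _outcome(lambda: read_remote_response(
            FakeResponse(b"B" * (MAX_REMOTE_RESPONSE + 1)))),
    }


if __name__ == "__main__":
    print(demo())
```

The Content-Length pre-check is only a cheap early refusal; the cap that matters is the one `read_bounded` applies to the bytes actually read, since a peer can omit or understate the header. A reverse-proxy limit such as nginx's `client_max_body_size` bounds inbound requests in the same way, which is why it serves as a workaround, but nothing in front of Sydent can bound the responses Sydent itself fetches from remote homeservers.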
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Matrix Sydent | < 2.3.0 | Upgrade to 2.3.0 |
| pip/matrix-sydent | < 2.3.0 | 2.3.0 |
CVE-2021-29430 is a vulnerability in the Matrix Sydent identity server: Sydent does not bound the size of HTTP request bodies it accepts from clients, nor the size of responses it reads from remote Matrix homeservers, so a malicious client or homeserver can exhaust its memory and cause a denial of service.
The severity of CVE-2021-29430 is high, with a CVSS base score of 7.5.
Matrix Sydent versions before 2.3.0 are affected by CVE-2021-29430.
To fix it, upgrade Matrix Sydent to 2.3.0 or later, which includes the fixing commits 0523511d2fb40f2738f8a8549868f44b96e5dab7, 89071a1a754c69a50deac89e6bb74002d4cda19d, and f56eee315b6c44fdd9f6aa785cc2ec744a594428; as an interim measure, limit request body size in a reverse proxy in front of Sydent, which mitigates the client-side vector only.