Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Failures to correctly validate signatures on transactions and events [CVE-2018-16515] #3796

Closed
richvdh opened this issue Sep 5, 2018 · 2 comments
Closed

Failures to correctly validate signatures on transactions and events [CVE-2018-16515] #3796

richvdh opened this issue Sep 5, 2018 · 2 comments

Comments

@richvdh
Copy link
Member

richvdh commented Sep 5, 2018

This is a placeholder for the security issues identified by CVE-2018-16515.
richvdh added a commit that referenced this issue Sep 6, 2018
@richvdh
Merge tag 'v0.33.3.1'
2fd17b5 
Synapse 0.33.3.1 (2018-09-06)
=============================

SECURITY FIXES
--------------

- Fix an issue where event signatures were not always correctly validated ([\#3796](#3796))
- Fix an issue where server_acls could be circumvented for incoming events ([\#3796](#3796))

Internal Changes
----------------

- Unignore synctl in .dockerignore to fix docker builds ([\#3802](#3802))
erikjohnston added a commit that referenced this issue Sep 6, 2018
@erikjohnston
Merge tag 'v0.33.3.1' into release-v0.33.4
d64b24d 
Synapse 0.33.3.1 (2018-09-06)
=============================

SECURITY FIXES
--------------

- Fix an issue where event signatures were not always correctly validated ([\#3796](#3796))
- Fix an issue where server_acls could be circumvented for incoming events ([\#3796](#3796))

Internal Changes
----------------

- Unignore synctl in .dockerignore to fix docker builds ([\#3802](#3802))
This was referenced Sep 6, 2018
Open
Closed
@richvdh
Copy link
Member Author

richvdh commented Sep 7, 2018
edited

There were three separate problems here:

(1) we didn't check that the event was signed by the sender's server. We did check that the event was signed by the "origin" server (see 2, 3), but there is nothing that requires them to be the same. This could have allowed the administrator of any server in a room to forge events from users on other servers in that room, including those users with privileged access levels. In short, it could allow a malicious user to take control of a room.

(2) we checked that the event was signed by whichever server is in the "origin" field in the event, but we didn't check that actually matched the event_id. That meant that a malicious server could spoof an existing event from a benign server, potentially dramatically changing it. We have not fully assessed the impact of this vulnerability, and it should be noted that there remains work to be done to ensure that malicious servers are prevented from manipulating room history by falsifying event content, which is being tracked under matrix-org/matrix-spec-proposals#1640.

(3) for push transactions, we applied server ACLs based on the "origin" field of the transaction, which the sending server was free to set to whatever it likes, rather than whatever the sending server authenticated as: this therefore provided a mechanism for malicious server to evade ACLs. (We also did some other things based on that field, with less serious potential consequences).

@richvdh richvdh closed this as completed Sep 7, 2018
@richvdh richvdh changed the title CVE-2018-16515 Failures to correctly validate signatures on transactions and events [CVE-2018-16515] Sep 7, 2018
@richvdh
Copy link
Member Author

richvdh commented Sep 27, 2018

(for clarity: this was fixed in v0.33.3.1 and v0.33.2.1).

@richvdh richvdh mentioned this issue May 21, 2024
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@richvdh