{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-40640", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-07-08T16:13:15.512Z", "datePublished": "2024-07-17T17:27:15.586Z", "dateUpdated": "2024-08-02T04:33:11.880Z"}, "containers": {"cna": {"title": "Usage of non-constant time base64 decoder could lead to leakage of secret key material in vodozemac", "problemTypes": [{"descriptions": [{"cweId": "CWE-208", "lang": "en", "description": "CWE-208: Observable Timing Discrepancy", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/matrix-org/vodozemac/security/advisories/GHSA-j8cm-g7r6-hfpq", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/matrix-org/vodozemac/security/advisories/GHSA-j8cm-g7r6-hfpq"}, {"name": "https://github.com/matrix-org/vodozemac/commit/734b6c6948d4b2bdee3dd8b4efa591d93a61d272", "tags": ["x_refsource_MISC"], "url": "https://github.com/matrix-org/vodozemac/commit/734b6c6948d4b2bdee3dd8b4efa591d93a61d272"}, {"name": "https://arxiv.org/abs/2108.04600", "tags": ["x_refsource_MISC"], "url": "https://arxiv.org/abs/2108.04600"}], "affected": [{"vendor": "matrix-org", "product": "vodozemac", "versions": [{"version": "< 0.7.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-17T17:27:15.586Z"}, "descriptions": [{"lang": "en", "value": "vodozemac is an open source implementation of Olm and Megolm in pure Rust. Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and `PkDecryption` Ed25519 secret keys. This flaw might allow an attacker to infer some information about the secret key material through a side-channel attack. The use of a non-constant time base64 implementation might allow an attacker to observe timing variations in the encoding and decoding operations of the secret key material. This could potentially provide insights into the underlying secret key material. The impact of this vulnerability is considered low because exploiting the attacker is required to have access to high precision timing measurements, as well as repeated access to the base64 encoding or decoding processes. Additionally, the estimated leakage amount is bounded and low according to the referenced paper. This has been patched in commit 734b6c6948d4b2bdee3dd8b4efa591d93a61d272 which has been included in release version 0.7.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n"}], "source": {"advisory": "GHSA-j8cm-g7r6-hfpq", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-17T18:15:24.360907Z", "id": "CVE-2024-40640", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-17T18:15:31.774Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:33:11.880Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/matrix-org/vodozemac/security/advisories/GHSA-j8cm-g7r6-hfpq", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/matrix-org/vodozemac/security/advisories/GHSA-j8cm-g7r6-hfpq"}, {"name": "https://github.com/matrix-org/vodozemac/commit/734b6c6948d4b2bdee3dd8b4efa591d93a61d272", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/matrix-org/vodozemac/commit/734b6c6948d4b2bdee3dd8b4efa591d93a61d272"}, {"name": "https://arxiv.org/abs/2108.04600", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://arxiv.org/abs/2108.04600"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-40640", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-17T18:15:24.360907Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-17T18:15:28.306Z"}}], "cna": {"title": "Usage of non-constant time base64 decoder could lead to leakage of secret key material in vodozemac", "source": {"advisory": "GHSA-j8cm-g7r6-hfpq", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.9, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "matrix-org", "product": "vodozemac", "versions": [{"status": "affected", "version": "< 0.7.0"}]}], "references": [{"url": "https://github.com/matrix-org/vodozemac/security/advisories/GHSA-j8cm-g7r6-hfpq", "name": "https://github.com/matrix-org/vodozemac/security/advisories/GHSA-j8cm-g7r6-hfpq", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/matrix-org/vodozemac/commit/734b6c6948d4b2bdee3dd8b4efa591d93a61d272", "name": "https://github.com/matrix-org/vodozemac/commit/734b6c6948d4b2bdee3dd8b4efa591d93a61d272", "tags": ["x_refsource_MISC"]}, {"url": "https://arxiv.org/abs/2108.04600", "name": "https://arxiv.org/abs/2108.04600", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "vodozemac is an open source implementation of Olm and Megolm in pure Rust. Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and `PkDecryption` Ed25519 secret keys. This flaw might allow an attacker to infer some information about the secret key material through a side-channel attack. The use of a non-constant time base64 implementation might allow an attacker to observe timing variations in the encoding and decoding operations of the secret key material. This could potentially provide insights into the underlying secret key material. The impact of this vulnerability is considered low because exploiting the attacker is required to have access to high precision timing measurements, as well as repeated access to the base64 encoding or decoding processes. Additionally, the estimated leakage amount is bounded and low according to the referenced paper. This has been patched in commit 734b6c6948d4b2bdee3dd8b4efa591d93a61d272 which has been included in release version 0.7.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-208", "description": "CWE-208: Observable Timing Discrepancy"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-17T17:27:15.586Z"}}}, "cveMetadata": {"cveId": "CVE-2024-40640", "state": "PUBLISHED", "dateUpdated": "2024-07-17T18:15:31.774Z", "dateReserved": "2024-07-08T16:13:15.512Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-17T17:27:15.586Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "vodozemac is an open source implementation of Olm and Megolm in pure Rust. Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and `PkDecryption` Ed25519 secret keys. This flaw might allow an attacker to infer some information about the secret key material through a side-channel attack. The use of a non-constant time base64 implementation might allow an attacker to observe timing variations in the encoding and decoding operations of the secret key material. This could potentially provide insights into the underlying secret key material. The impact of this vulnerability is considered low because exploiting the attacker is required to have access to high precision timing measurements, as well as repeated access to the base64 encoding or decoding processes. Additionally, the estimated leakage amount is bounded and low according to the referenced paper. This has been patched in commit 734b6c6948d4b2bdee3dd8b4efa591d93a61d272 which has been included in release version 0.7.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n"}, {"lang": "es", "value": "vodozemac es una implementaci\u00f3n de c\u00f3digo abierto de Olm y Megolm en Rust puro. Las versiones anteriores a la 0.7.0 de vodozemac utilizan una implementaci\u00f3n base64 de tiempo no constante para importar material clave para sesiones de grupo Megolm y claves secretas `PkDecryption` Ed25519. Esta falla podr\u00eda permitir a un atacante inferir cierta informaci\u00f3n sobre el material de la clave secreta a trav\u00e9s de un ataque de canal lateral. El uso de una implementaci\u00f3n de base64 de tiempo no constante podr\u00eda permitir a un atacante observar variaciones de tiempo en las operaciones de codificaci\u00f3n y decodificaci\u00f3n del material de clave secreta. Potencialmente, esto podr\u00eda proporcionar informaci\u00f3n sobre el material de la clave secreta subyacente. El impacto de esta vulnerabilidad se considera bajo porque para explotar al atacante se requiere tener acceso a mediciones de tiempo de alta precisi\u00f3n, as\u00ed como acceso repetido a los procesos de codificaci\u00f3n o decodificaci\u00f3n base64. Adem\u00e1s, la cantidad estimada de fuga es limitada y baja seg\u00fan el documento de referencia. Esto se ha parcheado en el commit 734b6c6948d4b2bdee3dd8b4efa591d93a61d272 que se ha incluido en la versi\u00f3n 0.7.0. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."}], "id": "CVE-2024-40640", "lastModified": "2024-07-18T12:28:43.707", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.9, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-07-17T18:15:04.787", "references": [{"source": "security-advisories@github.com", "url": "https://arxiv.org/abs/2108.04600"}, {"source": "security-advisories@github.com", "url": "https://github.com/matrix-org/vodozemac/commit/734b6c6948d4b2bdee3dd8b4efa591d93a61d272"}, {"source": "security-advisories@github.com", "url": "https://github.com/matrix-org/vodozemac/security/advisories/GHSA-j8cm-g7r6-hfpq"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-208"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}