CVE-2021-29430: Sydent vulnerable to denial of service attack via memory exhaustion
(updated )
Sydent does not limit the size of requests it receives from HTTP clients. A malicious user could send an HTTP request with a very large body, leading to disk space exhaustion and denial of service.
Sydent also does not limit response size for requests it makes to remote Matrix homeservers. A malicious homeserver could return a very large response, again leading to memory exhaustion and denial of service.
This affects any server which accepts registration requests from untrusted clients.
References
- github.com/advisories/GHSA-wmg4-8cp2-hpg9
- github.com/matrix-org/sydent
- github.com/matrix-org/sydent/commit/0523511d2fb40f2738f8a8549868f44b96e5dab7
- github.com/matrix-org/sydent/commit/89071a1a754c69a50deac89e6bb74002d4cda19d
- github.com/matrix-org/sydent/commit/f56eee315b6c44fdd9f6aa785cc2ec744a594428
- github.com/matrix-org/sydent/releases/tag/v2.3.0
- github.com/matrix-org/sydent/security/advisories/GHSA-wmg4-8cp2-hpg9
- github.com/pypa/advisory-database/tree/main/vulns/matrix-sydent/PYSEC-2021-21.yaml
- nvd.nist.gov/vuln/detail/CVE-2021-29430
- pypi.org/project/matrix-sydent
Code Behaviors & Features
Detect and mitigate CVE-2021-29430 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →