diff options
| author | Erik Johnston <erik@matrix.org> | 2024-04-23 15:24:08 +0100 |
|---|---|---|
| committer | Erik Johnston <erik@matrix.org> | 2024-04-23 15:25:49 +0100 |
| commit | 55b0aa847a61774b6a3acdc4b177a20dc019f01a (patch) | |
| tree | 42ac888e03ce3c5a770f66cb8468468591bd8c2c /changelog.d/17044.misc | |
| parent | 1.105.0 (diff) | |
| download | synapse-55b0aa847a61774b6a3acdc4b177a20dc019f01a.tar.xz | |
Fix GHSA-3h7q-rfh9-xm4v
Weakness in auth chain indexing allows DoS from remote room members through disk fill and high CPU usage. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.104.1, can dispatch specially crafted events to exploit a weakness in how the auth chain cover index is calculated. This can induce high CPU consumption and accumulate excessive data in the database of such instances, resulting in a denial of service. Servers in private federations, or those that do not federate, are not affected.
Diffstat (limited to 'changelog.d/17044.misc')
| -rw-r--r-- | changelog.d/17044.misc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/17044.misc b/changelog.d/17044.misc new file mode 100644 index 0000000000..a1439752d3 --- /dev/null +++ b/changelog.d/17044.misc @@ -0,0 +1 @@ +Refactor auth chain fetching to reduce duplication. |