Cache-Timing Vulnerability in Discontinued Matrix libolm Products
CVE-2024-45192
Currently unrated
What is CVE-2024-45192?
A vulnerability in the Matrix libolm library allows for potential cache-timing attacks due to the implementation of base64 decoding for group session keys. This issue only affects versions of libolm that are no longer supported by the maintainer, thereby increasing the risk for users still relying on these outdated versions. The flaw exposes sensitive information, enabling attackers to exploit timing discrepancies and gain unauthorized access to session data.