libolm is now deprecated.
In about two weeks there is going to be a disclosure of unfixed vulnerabilities in libolm, which in response has been deprecated by the Matrix developers in favour of vodozemac. Is migrating to vodozemac something that might be possible?
Edit: @tusooa is looking at fixing up vodozemac-bindings: https://github.com/Nheko-Reborn/nheko/issues/1786#issuecomment-2264412161
Yes, this is planned. Dart bindings for the Rust library are already in progress 👍
FWIW, the vulns disclosed by soatok are two timing side channels and Ed25519 signature malleability. It seems the libolm devs have known about the side channels for a while now.
I'm not sure how feasible it is to actually collect this kind of timing information from libolm from an attacker's point of view, but if such a threat vector is identified it seems like things could be pretty bad.
libolm has the following CVEs:
* CVE-2024-45191
* CVE-2024-45192
* CVE-2024-45193
Thanks for sharing this. Actually, I don't see those CVEs as having any severity or as an indication that using LibOlm is a problem right now. Yes, it has been deprecated in favour of Vodozemac, but it is still safe to use until the migration is done. I really wonder how https://github.com/advisories/GHSA-gc66-2jq6-66c6 got "Critical severity", as it is AFAIK impossible to abuse remotely. There are other, much more severe problems, like man-in-the-middle attacks when not verifying the devices before using the encryption (that's why FluffyChat warns you with an orange icon).
LibOlm has had two security audits, and the side channel attack thing has even been mentioned in the LibOlm documentation for 9 years and was never seen as a problem for daily usage (while it's definitely not an elegant implementation design).
Vodozemac is already in production since 2.0.0 :)
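The Ed25519 signature malleability mentioned in the thread is easy to reproduce with a small verifier, so here is an added example written for this page (it is not code from libolm, vodozemac, nheko or any participant above). It implements Ed25519 verification with plain Python integers, checks itself against RFC 8032 section 7.1 test vector 1, then shows that adding the group order L to the S half of a valid signature yields a second, different signature that a verifier without the `S < L` check still accepts, while the canonical-S check rejects it. The function names `verify_lax`, `verify_strict` and `malleate` are my own.

```python
"""Ed25519 signature malleability: a verifier that does not enforce S < L
accepts S + L as a second valid signature for the same message.
Added illustration for this thread; not libolm or vodozemac code."""
import hashlib

P = 2**255 - 19                                       # field prime
L = 2**252 + 27742317777372353535851937790883648493   # group order
D = (-121665 * pow(121666, -1, P)) % P                # curve constant d
SQRT_M1 = pow(2, (P - 1) // 4, P)                     # sqrt(-1) mod P


def _add(p, q):
    """Unified point addition in extended coordinates (X, Y, Z, T), a = -1."""
    x1, y1, z1, t1 = p
    x2, y2, z2, t2 = q
    a = (y1 - x1) * (y2 - x2) % P
    b = (y1 + x1) * (y2 + x2) % P
    c = 2 * t1 * t2 * D % P
    d = 2 * z1 * z2 % P
    e, f, g, h = b - a, d - c, d + c, b + a
    return (e * f % P, g * h % P, f * g % P, e * h % P)


def _mul(s, pt):
    """Scalar multiplication by double-and-add (not constant time; demo only)."""
    r = (0, 1, 1, 0)  # neutral element
    while s:
        if s & 1:
            r = _add(r, pt)
        pt = _add(pt, pt)
        s >>= 1
    return r


def _decode_point(b):
    """RFC 8032 point decompression: 255-bit y plus the sign bit of x."""
    y = int.from_bytes(b, "little")
    sign = y >> 255
    y &= (1 << 255) - 1
    if y >= P:
        raise ValueError("y out of range")
    x2 = (y * y - 1) * pow(D * y * y + 1, -1, P) % P
    x = pow(x2, (P + 3) // 8, P)
    if (x * x - x2) % P:
        x = x * SQRT_M1 % P
    if (x * x - x2) % P:
        raise ValueError("not on curve")
    if x == 0 and sign:
        raise ValueError("invalid sign bit")
    if (x & 1) != sign:
        x = P - x
    return (x, y, 1, x * y % P)


def _encode_point(pt):
    """Compress an extended-coordinate point to its canonical 32-byte form."""
    x, y, z, _ = pt
    zi = pow(z, -1, P)
    x, y = x * zi % P, y * zi % P
    return (y | ((x & 1) << 255)).to_bytes(32, "little")


# Base point B: y = 4/5 mod P, x chosen even (sign bit 0).
BASE = _decode_point((4 * pow(5, -1, P) % P).to_bytes(32, "little"))


def verify_lax(pk, msg, sig):
    """Checks only the curve equation [S]B == R + [k]A. Accepts S + L too."""
    if len(pk) != 32 or len(sig) != 64:
        return False
    try:
        a_pt = _decode_point(pk)
        r_pt = _decode_point(sig[:32])
    except ValueError:
        return False
    s = int.from_bytes(sig[32:], "little")
    k = int.from_bytes(hashlib.sha512(sig[:32] + pk + msg).digest(), "little") % L
    return _encode_point(_mul(s, BASE)) == _encode_point(_add(r_pt, _mul(k, a_pt)))


def verify_strict(pk, msg, sig):
    """RFC 8032 check: reject a non-canonical S (S >= L) before doing the math."""
    if len(sig) != 64 or int.from_bytes(sig[32:], "little") >= L:
        return False
    return verify_lax(pk, msg, sig)


def malleate(sig):
    """Second signature for the same message: S + L, since [L]B is the identity."""
    s = int.from_bytes(sig[32:], "little") + L
    return sig[:32] + s.to_bytes(32, "little")


# RFC 8032 section 7.1, test 1 (empty message); public test vector, not constructed.
PK = bytes.fromhex("d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a")
SIG = bytes.fromhex(
    "e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e06522490155"
    "5fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b"
)
MSG = b""

if __name__ == "__main__":
    forged = malleate(SIG)
    print("original   lax/strict:", verify_lax(PK, MSG, SIG), verify_strict(PK, MSG, SIG))
    print("malleated  lax/strict:", verify_lax(PK, MSG, forged), verify_strict(PK, MSG, forged))
```

The lax verifier accepts both the original and the malleated signature because the extra `L` multiples of the base point vanish; only the explicit `S < L` check distinguishes them. Note also that `_mul` is a plain double-and-add over Python integers, so it is deliberately not constant time, which is exactly the kind of data-dependent path the timing findings in this thread are about.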