
CVE-2024-52805: Synapse allows unsupported content types to lead to memory exhaustion

CVSS Score: 8.2 (CVSS v4.0)

Basic Information

EPSS Score: 0.30308%
Published: 12/3/2024
Updated: 12/3/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| matrix-synapse | pip | < 1.120.1 | 1.120.1 |

Vulnerability Intelligence
Miggo AI Root Cause Analysis

The vulnerability stems from improper handling of multipart/form-data requests. Synapse's media upload endpoint (MediaRepositoryResource) likely processes these requests using Twisted's HTTP stack. The high-confidence entry point is Synapse's own media-handling code, where Content-Type validation was missing before the request body was processed. The medium-confidence Twisted function shows the underlying framework behavior that exacerbates the issue when unsupported content types are allowed through. The CWE-770 alignment (allocation of resources without limits or throttling) and the references to Twisted's multipart processing issue (#4688) support this analysis.

Vulnerable functions


WAF Protection Rules

WAF Rule

### Impact

In Synapse before 1.120.1, `multipart/form-data` requests can in certain configurations transiently increase memory consumption beyond expected levels while processing the request, which can be used to amplify denial of service attacks.
