Introduction
In Matrix, the server-side key backup stores encrypted copies of Matrix message keys. This facilitates key sharing between a user's devices and provides a redundant copy in case all devices are lost. The key backup uses asymmetric cryptography, with each server-side key backup assigned a unique public-private key pair.
Rageshakes are a feature in Element clients that allows users to report bugs by shaking their device; doing so also uploads debug logs for analysis.
Impact
A bug in the matrix-sdk-crypto crate (part of the Matrix Rust SDK project; CVE-2024-34353 / GHSA-9ggc-845v-gcgv) caused the private part of the backup key pair to be written to debug logs. If a user then submits a bug report (i.e. a rageshake) from an affected Element X Android version (>=0.4.1, <0.4.12), this key will be uploaded to Element's rageshake server.
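The advisory does not say how the key reached the logs. The sketch below is an added example, not code from matrix-sdk-crypto or Element X, and assumes one common route: a key-holding type with a derived `Debug` that gets formatted into a debug log line, shown beside a redacting `Debug` and a check that scans log text for the key. All type and function names and the key bytes are hypothetical.

```rust
use std::fmt;

// Hypothetical stand-in for a type holding the private half of a backup key pair.
// The derived Debug prints every field, including the key bytes.
#[allow(dead_code)]
#[derive(Debug)]
struct LeakyBackupKey {
    private_key: [u8; 4],
}

// Hardened form: same data, but Debug never emits the key material.
#[allow(dead_code)]
struct RedactedBackupKey {
    private_key: [u8; 4],
}

impl fmt::Debug for RedactedBackupKey {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.debug_struct("RedactedBackupKey")
            .field("private_key", &"<redacted>")
            .finish()
    }
}

// Stand-in for a debug-level log call that formats its argument with {:?}.
fn debug_log_line<T: fmt::Debug>(value: &T) -> String {
    format!("DEBUG backup: restored key {:?}", value)
}

// Check usable in a unit test or before log upload: true if the log text
// contains the key as a hex string or as a Debug-style decimal byte list.
fn log_contains_key(log: &str, key: &[u8]) -> bool {
    let hex: String = key.iter().map(|b| format!("{:02x}", b)).collect();
    let dec = format!("{:?}", key);
    log.contains(&hex) || log.contains(&dec)
}

fn main() {
    let key = [0xde, 0xad, 0xbe, 0xef]; // constructed sample bytes, not a real key
    let leaky = debug_log_line(&LeakyBackupKey { private_key: key });
    let safe = debug_log_line(&RedactedBackupKey { private_key: key });
    println!("{}\n{}", leaky, safe);
    assert!(log_contains_key(&leaky, &key));
    assert!(!log_contains_key(&safe, &key));
}
```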
Patches
The issue has been patched in Element X Android 0.4.12.
Workarounds
Don't submit bug reports (rageshakes) from affected Element X Android versions.
References