Lucene search
+L

41 matches found

euvd
euvd
added 2026/06/25 7:59 p.m.6 views

EUVD-2026-39553

ML-KEM-1024 x64 AVX2 implicit rejection failure in the Fujisaki-Okamoto transform breaks IND-CCA2 security, allowing decapsulation to deviate from the implicit-rejection behavior required by the standard. The AVX2 constant-time ciphertext comparison used during decapsulation never compared the...

6.3CVSS5.9AI score0.00161EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2026/06/25 7:59 p.m.9 views

CVE-2026-10097

wolfSSL's AVX2-optimized ML-KEM implementation mlkemcmpavx2 compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the expected re-encryption solely in bytes 1536-1567 bypass implicit rejection and...

8.3CVSS5.8AI score0.00161EPSS
Exploits0References2
osv
osv
added 2026/05/19 4:18 p.m.18 views

GHSA-FHVH-VW7H-9XF3 libcrux-ml-dsa: Signature Verification on AVX2 Platforms Mishandles Edge Case

The AVX2 implementation of ML-DSA verification incorrectly implemented the usehint function, mishandling an edge case that should lead to signature rejection. Impact An attacker could make the ML-DSA verifier accept a crafted invalid signature under a maliciously generated verification key, if th...

8.2CVSS5.8AI score
Exploits0References5
euvd
euvd
added 2026/05/08 9:31 a.m.15 views

EUVD-2026-28534

A vulnerability in Legion of the Bouncy Castle Inc. BC-FJA BC-FIPS on Linux, X8664, AVX, AVX-512f. This vulnerability is associated with program files gcm128w, gcm512w. This issue affects BC-FJA: from 2.1.0 through 2.1.2...

5.1CVSS5.8AI score0.00158EPSS
Exploits0References2
github
github
added 2026/05/08 9:31 a.m.12 views

Bouncy Castle LTS native GCM chunking can cause bad-tag exception on decryption

In Bouncy Castle LTS for Java, the AES/GCM native implementation used on Intel CPUs with AES PAA instruction sets AVX / VAES / VAESF variants can intermittently produce an incorrect authentication tag verification result during decryption when the ciphertext is fed in via a mix of update calls...

5.1CVSS6AI score0.00158EPSS
Exploits0References3Affected Software1
snyk
snyk
added 2026/04/07 11:9 p.m.4 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the AES-CFB-128 process on x86-64 systems with AVX-512 and VAES support when processing partial cipher blocks. An attacker can cause a crash and application termination by providing input buffers that end at a memo...

9.1CVSS6AI score0.00313EPSS
Exploits0References2
nessus
nessus
added 2025/11/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 (CVE-2023-4807)

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses...

7.8CVSS6.9AI score0.00862EPSS
Exploits0References11
packetstormnews
packetstormnews
added 2025/09/01 12:0 a.m.6 views

AVX-Based Timing Side Channel — ASLR Detection

This work demonstrates a technique for detecting ASLR using AVX memory load instructions combined with RDTSCP timing and SIGSEGV detection. It illustrates how side-channel timing measurements can be applied to analyze memory layout randomization...

6.9AI score
Exploits0
redhat
redhat
added 2023/10/18 4:21 p.m.5 views

OpenJDK: memory corruption issue on x86_64 with AVX-512 (8317121)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition:...

3.7CVSS7.4AI score0.00883EPSS
Exploits0References4
susecve
susecve
added 2023/02/15 3:36 a.m.5 views

SUSE CVE-2021-45696

An issue was discovered in the sha2 crate 0.9.7 before 0.9.8 for Rust. Hashes of long messages may be incorrect when the AVX2-accelerated backend is used...

9.8CVSS7AI score0.00805EPSS
Exploits0References3
osv
osv
added 2021/12/27 12:15 a.m.8 views

CVE-2021-45696

An issue was discovered in the sha2 crate 0.9.7 before 0.9.8 for Rust. Hashes of long messages may be incorrect when the AVX2-accelerated backend is used...

9.8CVSS7.2AI score0.00805EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2021/09/08 12:0 a.m.6 views

PT-2021-24270 · Sha2 · Sha2

Name of the Vulnerable Software and Affected Versions: sha2 crate version 0.9.7 Description: An issue was discovered in the sha2 crate for Rust, where hashes of long messages may be incorrect when the AVX2-accelerated backend is used. This backend was introduced in version 0.9.7 and was...

9.8CVSS9.4AI score0.00805EPSS
Exploits0References9
redhat
redhat
added 2021/08/31 9:26 a.m.2 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
redhat
redhat
added 2021/08/31 8:30 a.m.6 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
redhat
redhat
added 2021/08/31 8:15 a.m.4 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
redhat
redhat
added 2021/08/31 7:59 a.m.3 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
redhat
redhat
added 2021/08/24 10:1 a.m.5 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
redhat
redhat
added 2021/08/10 4:13 p.m.4 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
redhat
redhat
added 2021/08/09 10:18 a.m.5 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
redhat
redhat
added 2021/08/09 9:56 a.m.3 views

hw: Vector Register Leakage-Active

A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...

5.5CVSS6.5AI score0.00438EPSS
Exploits0References6
Rows per page
Query Builder