3 matches found
CVE-2026-6330 ML-KEM ARM64 NEON ciphertext comparison only compares half of the input
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...
TencentOS Server 4: opencryptoki (TSSA-2024:0927)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0927 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Medium: python-crypto
Issue Overview: lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional...