GHSA-HCP2-X6J4-29J7 RustCrypto: Signatures has timing side-channel in ML-DSA decomposition

Summary A timing side-channel was discovered in the Decompose algorithm which is used during ML-DSA signing to generate hints for the signature. Details The analysis was performed using a constant-time analyzer that examines compiled assembly code for instructions with data-dependent timing...

CVE-2025-46153

CVE-2025-46153 affects PyTorch before 3.7.0, where a bernoulli_p decompos e function in decompositions.py is not fully consistent with the eager CPU implementation. This inconsistency negatively affects nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d when fallback_random=True. Connected documents pr...

SUSE CVE-2015-6582

The decompose function in platform/transforms/TransformationMatrix.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not verify that a matrix inversion succeeded, which allows remote attackers to cause a denial of service uninitialized memory access and application crash or possibl...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of the decompose function in the Blink component of the Google Chrome browser is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through a specially crafted website...

Code injection

The decompose function in platform/transforms/TransformationMatrix.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not verify that a matrix inversion succeeded, which allows remote attackers to cause a denial of service uninitialized memory access and application crash or possibl...