CVE-2026-23519 RustCrypto cmov: thumbv6m-none-eabi compiler emits non-constant time assembly when using cmovnz

RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. Prior to 0.4.4, the thumbv6m-none-eabi Cortex M0, M0+ and M1 compiler emits non-constant time assembly when using cmovnz...

CVE-2026-23519

The CVE-2026-23519 entry describes RustCrypto CMOV, which provides conditional move CPU intrinsics. The vulnerability concerns the thumbv6m-none-eabi target (Cortex-M0, M0+, M1) where the compiler emitted non-constant-time assembly for cmovnz prior to version 0.4.4. The issue affects how conditio...

CVE-2026-23519

RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. Prior to 0.4.4, the thumbv6m-none-eabi Cortex M0, M0+ and M1 compiler emits non-constant time assembly when using cmovnz...

CVE-2026-23519 RustCrypto cmov: thumbv6m-none-eabi compiler emits non-constant time assembly when using cmovnz

RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. Prior to 0.4.4, the thumbv6m-none-eabi Cortex M0, M0+ and M1 compiler emits non-constant time assembly when using cmovnz...

RustCrypto Utilities cmov: `thumbv6m-none-eabi` compiler emits non-constant time assembly when using `cmovnz`

Summary thumbv6m-none-eabi Cortex M0, M0+ and M1 compiler emits non-constant time assembly when using cmovnz portable version. I did not found any other target with the same behaviour but I did not go through all targets supported by Rust. Details It seems that, during mask computation, an LLVM...