
8 matches found

SUSE CVE
added 2025/02/14 7:02 a.m. · 1 views

SUSE CVE-2023-1732

When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM did not check whether crypto/rand.Read returns an error. In rare deployment cases where the Read function throws an error, this could lead to a predictable shared secret. The tkn20 and blindrsa components did not...

CVSS 5.3 · AI score 7.7 · EPSS 0.00415
Exploits 0 · References 3
Veracode
added 2023/05/12 9:49 a.m. · 19 views

Insecure Randomness

github.com/cloudflare/circl is vulnerable to Insecure Randomness. Kyber and FrodoKEM did not check whether crypto/rand.Read returned an error, leading to a predictable shared secret. The tkn20 and blindrsa components did not check if enough randomness was returned from the user provided randomnes...

CVSS 8.2 · AI score 6.2 · EPSS 0.00415
Exploits 0 · References 3 · Affected Software 1
OSV
added 2023/05/11 8:40 p.m. · 21 views

GHSA-2Q89-485C-9J2X Improper random reading in CIRCL

Impact: When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM did not check whether crypto/rand.Read returns an error. In rare deployment cases where the Read function throws an error, this could lead to a predictable shared secret. The tkn20 and blindrsa components did...

CVSS 5.3 · AI score 6.2 · EPSS 0.00415
Exploits 0 · References 5
OSV
added 2023/05/10 12:15 p.m. · 17 views

CVE-2023-1732

When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM did not check whether crypto/rand.Read returns an error. In rare deployment cases where the Read function throws an error, this could lead to a predictable shared secret. The tkn20 and blindrsa components did not...

CVSS 8.2 · AI score 7
Exploits 0 · References 1
Prion
added 2023/05/10 12:15 p.m. · 32 views

Design/Logic Flaw

When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM did not check whether crypto/rand.Read returns an error. In rare deployment cases where the Read function throws an error, this could lead to a predictable shared secret. The tkn20 and blindrsa components did not...

CVSS 6.4 · AI score 8 · EPSS 0.00415
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2023/05/10 11:41 a.m. · 14 views

CVE-2023-1732 Improper random reading in CIRCL

When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM did not check whether crypto/rand.Read returns an error. In rare deployment cases where the Read function throws an error, this could lead to a predictable shared secret. The tkn20 and blindrsa components did not...

CVSS 5.3 · AI score 8.3 · EPSS 0.00415
Exploits 0 · References 1
CNNVD
added 2023/05/10 12:00 a.m. · 1 views

CIRCL Security Vulnerability

CIRCL is an open source collection of cryptographic primitives written in Go by Cloudflare. CIRCL has a security vulnerability that stems from the fact that the tkn20 and blindrsa components do not check whether a user-supplied random source returns sufficient randomness...

CVSS 8.2 · AI score 6.3 · EPSS 0.00415
Exploits 0 · References 2
Positive Technologies
added 2023/05/10 12:00 a.m. · 3 views

PT-2023-6901 · Circl · Circl

Name of the Vulnerable Software and Affected Versions: CIRCL versions prior to 1.3.3 Description: The issue arises from insufficient input validation and lack of measures to neutralize instructions in dynamically executed code in the crypto/rand.Read function. This could lead to a predictable...

CVSS 10 · AI score 7.1 · EPSS 0.04986
Exploits 9 · References 40