5 matches found
CVE-2024-36405
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing lean has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for -Os, -O1, and other...
CVE-2024-36405 Control-flow timing leak in Kyber reference implementation when compiled with Clang 15-18 for -Os, -O1 and other options
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing lean has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for -Os, -O1, and other...
CVE-2024-36405
CVE-2024-36405 affects the liboqs reference Kyber KEM implementation. A control-flow timing leak arises when the Kyber KEM is compiled with Clang 15–18 under certain options (including -Os and -O1), enabling a local attacker to measure decapsulation timings and recover the entire ML-KEM 512 secre...
CVE-2024-36405 Control-flow timing leak in Kyber reference implementation when compiled with Clang 15-18 for -Os, -O1 and other options
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing lean has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for -Os, -O1, and other...
CVE-2024-36405
Removed by vendor...