Headline

GHSA-9763-4f94-gfch: CIRCL's Kyber: timing side-channel (kyberslash2)

Impact

On some platforms, when an attacker can time decapsulation of Kyber on forged cipher texts, they could possibly learn (parts of) the secret key.

Does not apply to ephemeral usage, such as when used in the regular way in TLS.

Patches

Patched in 1.3.7.

References

kyberslash.cr.yp.to

10 months ago

ghsa

Open in Source

#git #ssl

Package

gomod github.com/cloudflare/circl (Go)

Affected versions

< 1.3.7

Patched versions

1.3.7

Description

Impact

On some platforms, when an attacker can time decapsulation of Kyber on forged cipher texts, they could possibly learn (parts of) the secret key.

Does not apply to ephemeral usage, such as when used in the regular way in TLS.

Patches

Patched in 1.3.7.

References

kyberslash.cr.yp.to

References

GHSA-9763-4f94-gfch
cloudflare/circl@75ef91e
https://kyberslash.cr.yp.to/

bwesterb published to cloudflare/circl

Jan 8, 2024

Published to the GitHub Advisory Database

Jan 8, 2024

Reviewed

Jan 8, 2024

Last updated

Jan 8, 2024

ghsa: Latest News

GHSA-gppm-hq3p-h4rp: Git credentials are exposed in Atlantis logs

2 hours ago

ghsa

GHSA-gr3c-q7xf-47vh: XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

2 hours ago

ghsa

GHSA-8m24-3cfx-9fjw: sp1 has insufficient observation of cumulative sum

4 hours ago

ghsa

GHSA-j857-2pwm-jjmm: Apache Airflow vulnerable to Insertion of Sensitive Information Into Sent Data

5 hours ago

ghsa

GHSA-6jrf-rcjf-245r: changedetection.io path traversal using file URI scheme without supplying hostname

23 hours ago

ghsa