Security Advisory

CVE-2024-37880

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-10 00:00:00

Last updated 2024-08-02 03:57:39

Assigner mitre

State PUBLISHED

Description

The Kyber reference implementation before 9b8d306, when compiled by LLVM Clang through 18.x with some common optimization options, has a timing side channel that allows attackers to recover an ML-KEM 512 secret key in minutes. This occurs because poly_frommsg in poly.c does not prevent Clang from emitting a vulnerable secret-dependent branch.

← Browse all CVEs View on cve.org ↗