CVE-2024-37880 | Kyber Reference implementation up to 18.x ML-KEM 512 Secret Key ref/poly.c poly_frommsg information exposure

Posted by Angelo Barbosa | Jun 10, 2024 | CVE

A vulnerability classified as problematic was found in Kyber Reference implementation up to 18.x. Affected by this vulnerability is the function poly_frommsg of the file ref/poly.c of the component ML-KEM 512 Secret Key Handler. The manipulation leads to information exposure through discrepancy.

This vulnerability is known as CVE-2024-37880. The attack can only be done within the local network. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-37880 | Kyber Reference implementation up to 18.x ML-KEM 512 Secret Key ref/poly.c poly_frommsg information exposure

Related Posts

CVE-2024-30451 | Infinitum Forum Geo Controller Plugin up to 8.6.4 on WordPress cross site scripting

CVE-2023-49164 | OceanWP Ocean Extra Plugin up to 2.2.2 on WordPress cross-site request forgery

CVE-2024-3779 | ESET NOD32 Antivirus Installation/Upgrade default permission

CVE-2024-21454 | Qualcomm Snapdragon Automotive Telematics denial of service