Out-of-bounds read in liboqs

Description

A flaw was found in liboqs, a C-language cryptographic library. An out-of-bounds read vulnerability exists in the XMSS and XMSS^MT stateful signature verification code. A remote attacker could exploit this by providing a malformed signature that is shorter than expected. This could lead to a denial of service (DoS) if the verifying process attempts to read beyond allocated memory, potentially causing a crash.
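
One way a verifier can guard against the short-signature case described above, shown as an added example that is not liboqs code or its patch. The expected length is computed from the parameter set using the RFC 8391 signature layout, and the buffer is rejected before any field pointer is derived. The type and function names are hypothetical, and the exact-length policy is this example's choice.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical types for this example; not liboqs structures. */
typedef struct {
    size_t n;        /* hash output size in bytes */
    size_t wots_len; /* number of WOTS+ chain values */
    size_t height;   /* Merkle tree height */
} xmss_params;

typedef struct {
    const uint8_t *idx;  /* 4-byte leaf index */
    const uint8_t *r;    /* n bytes of randomness */
    const uint8_t *wots; /* wots_len * n bytes */
    const uint8_t *auth; /* height * n bytes */
} xmss_sig_view;

#define XMSS_IDX_BYTES 4u

/* Signature size for a parameter set: idx || r || sig_ots || auth (RFC 8391). */
size_t xmss_sig_bytes(const xmss_params *p) {
    return XMSS_IDX_BYTES + p->n + p->wots_len * p->n + p->height * p->n;
}

/* Returns 0 and fills *out only when sig_len matches exactly; returns -1
 * otherwise, without dereferencing sig. */
int xmss_sig_split(const xmss_params *p, const uint8_t *sig, size_t sig_len,
                   xmss_sig_view *out) {
    if (p == NULL || sig == NULL || out == NULL) return -1;
    if (sig_len != xmss_sig_bytes(p)) return -1; /* short or long input */
    out->idx = sig;
    out->r = out->idx + XMSS_IDX_BYTES;
    out->wots = out->r + p->n;
    out->auth = out->wots + p->wots_len * p->n;
    return 0;
}

int main(void) {
    static uint8_t sig[2500];             /* constructed all-zero buffer */
    const xmss_params p = { 32, 67, 10 }; /* XMSS-SHA2_10_256 sizes */
    xmss_sig_view v;
    int ok = xmss_sig_split(&p, sig, sizeof sig, &v) == 0;            /* full length */
    int rejected = xmss_sig_split(&p, sig, sizeof sig - 1, &v) == -1; /* one byte short */
    return (ok && rejected) ? 0 : 1;
}
```

The hashing and chain computation of a real verifier would run only after `xmss_sig_split` succeeds, so every later read stays inside the caller's buffer.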

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.
