Cryptographic Library Vulnerability in liboqs Affects Post-Quantum Algorithms
CVE-2024-54137
Currently unrated
What is CVE-2024-54137?
A correctness error has been discovered in the liboqs cryptographic library, specifically within the reference implementation of the HQC key encapsulation mechanism. An indexing error leads to the mishandling of part of the secret key, erroneously treating it as non-secret data. When a malformed ciphertext is processed, the decapsulation function may return an incorrect shared secret value, exposing the risk of data compromise. This issue has been addressed in version 0.12.0.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.