{"uuid": "087e561a-7e3b-49f9-bf2c-2352c5a027ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-FHVH-VW7H-9XF3", "type": "seen", "source": "https://gist.github.com/alon710/c234ec86be1c4c5715ed61d6d656e517", "content": "# GHSA-FHVH-VW7H-9XF3: Cryptographic Signature Forgery via AVX2 Logic Error in libcrux-ml-dsa\n\n> **CVSS Score:** 8.2\n> **Published:** 2026-05-19\n> **Full Report:** https://cvereports.com/reports/GHSA-FHVH-VW7H-9XF3\n\n## Summary\nA critical logic vulnerability in the libcrux-ml-dsa library allows cryptographic signature forgery on x86_64 architectures using the AVX2 backend. The flaw originates from an incorrect SIMD implementation of the ML-DSA use_hint function, violating FIPS 204 specifications and allowing attackers to bypass signature verification.\n\n## TL;DR\nThe libcrux-ml-dsa library mishandles the use_hint function in its AVX2 implementation. Attackers can exploit this logic error to forge ML-DSA signatures that are improperly validated on affected hardware platforms.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-347, CWE-681\n- **Attack Vector**: Network\n- **CVSS v4.0**: 8.2 (High)\n- **Exploit Status**: Proof of Concept (PoC) available via Wycheproof vectors\n- **Impact**: Cryptographic Signature Forgery\n- **Affected Architecture**: x86_64 (AVX2)\n\n## Affected Systems\n\n- Systems executing libcrux-ml-dsa versions prior to 0.0.9 on x86_64 architectures with AVX2 instruction sets.\n- **libcrux-ml-dsa**: < 0.0.9 (Fixed in: `0.0.9`)\n\n## Mitigation\n\n- Upgrade the libcrux-ml-dsa dependency to version 0.0.9 or higher.\n- Disable the AVX2 backend to force the usage of the portable Rust implementation.\n\n**Remediation Steps:**\n1. Identify all projects utilizing libcrux-ml-dsa via Software Composition Analysis (SCA).\n2. Update the Cargo.toml file to mandate libcrux-ml-dsa version 0.0.9.\n3. Recompile the application to statically link the updated library.\n4. Execute Wycheproof test vectors to validate the correct handling of the use_hint algorithm.\n5. Deploy the recompiled application to the production environment.\n\n## References\n\n- [GitHub Advisory: GHSA-FHVH-VW7H-9XF3](https://github.com/advisories/GHSA-FHVH-VW7H-9XF3)\n- [RustSec Advisory: RUSTSEC-2026-0125](https://rustsec.org/advisories/RUSTSEC-2026-0125.html)\n- [cryspen/libcrux Fix Pull Request](https://github.com/cryspen/libcrux/pull/1398)\n- [Wycheproof Test Case Pull Request](https://github.com/C2SP/wycheproof/pull/234)\n- [Related Tink-Go Fix Pull Request](https://github.com/tink-crypto/tink-go/pull/48)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-FHVH-VW7H-9XF3) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-19T17:10:50.000000Z"}