Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-82081

GnuTLS error checking for hybrid PQC is incomplete/incorrect (on non-x86_64?)

Linking RHIVOS CVEs to...Migration: Automation ...Sync from "Extern...XMLWordPrintable

    • gnutls-3.8.9-14.el10
    • No
    • Low
    • 1
    • rhel-security-crypto
    • ssg_security
    • 12
    • 0.1
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • Crypto25Q2
    • Hide

      tlsfuzzer script test-tls13-mlkem.py passes on all architectures [/CoreOS/gnutls/Interoperability/Hybrid-ML-KEM-in-TLS]

      Show
      tlsfuzzer script test-tls13-mlkem.py passes on all architectures [/CoreOS/gnutls/Interoperability/Hybrid-ML-KEM-in-TLS]
    • Pass
    • Automated
    • Release Note Not Required
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      When using gnutls-3.8.9-9.el10 on aarch64, ppc64le or s390x architectures (but not x86_64!), the tlsfuzzer test-tls13-mlkem.py script fails for the following test cases:

      • 'secp256r1mlkem768: malformed pqc part, variable {0..767}'
      • 'secp384r1mlkem1024: malformed pqc part, variable {0..1023}'
      • 'x25519mlkem768: malformed pqc part, variable {0..767}'

              dueno@redhat.com Daiki Ueno
              asosedki@redhat.com Alexander Sosedkin
              Daiki Ueno Daiki Ueno
              Joao Silva Joao Silva
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: