Nixpkgs Security Tracker

Untriaged

Permalink CVE-2026-3503

created 2 days, 22 hours ago

Fault injection attack with ML-DSA and ML-KEM on ARM

Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion. This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.

References

https://github.com/wolfSSL/wolfssl/pull/9734 x_refsource_CONFIRM

Affected products

wolfssl

<5.9.0

Matching in nixpkgs

pkgs.wolfssl

Small, fast, portable implementation of TLS/SSL for embedded devices

nixos-unstable 5.8.4
- nixpkgs-unstable 5.8.4
- nixos-unstable-small 5.8.4
nixos-25.11 5.8.4
- nixos-25.11-small 5.8.4
- nixpkgs-25.11-darwin 5.8.4

Package maintainers

@vifino Adrian Pistol <vifino@tty.sh>
@fabaff Fabian Affolter <mail@fabian-affolter.ch>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.wolfssl

Package maintainers