NIXPKGS-2026-0697

GitHub issue published on

Permalink CVE-2026-3503

updated 1 month, 3 weeks ago by @LeSuisse Activity log

Created suggestion 1 month, 3 weeks ago
@LeSuisse accepted 1 month, 3 weeks ago
@LeSuisse published on GitHub 1 month, 3 weeks ago

Fault injection attack with ML-DSA and ML-KEM on ARM

Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion. This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.

References

https://github.com/wolfSSL/wolfssl/pull/9734 x_refsource_CONFIRM

Affected products

wolfssl

<5.9.0

Matching in nixpkgs

pkgs.wolfssl

Small, fast, portable implementation of TLS/SSL for embedded devices

nixos-unstable 5.8.4
- nixpkgs-unstable 5.8.4
- nixos-unstable-small 5.8.4
nixos-25.11 5.8.4
- nixos-25.11-small 5.8.4
- nixpkgs-25.11-darwin 5.8.4

Package maintainers

@vifino Adrian Pistol <vifino@tty.sh>
@fabaff Fabian Affolter <mail@fabian-affolter.ch>

Upstream patch: https://github.com/wolfSSL/wolfssl/commit/65a1a6887747949ed148d8be3350b86ecff24fbc

Nixpkgs security tracker

Details of issue NIXPKGS-2026-0697

References

Affected products

Matching in nixpkgs

pkgs.wolfssl

Package maintainers