{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/libcrux-ml-dsa--0.0.9/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["libcrux-ml-dsa (\u003c 0.0.9)"],"_cs_severities":["high"],"_cs_tags":["signature-bypass","vulnerability"],"_cs_type":"threat","_cs_vendors":["Rust"],"content_html":"\u003cp\u003eThe \u003ccode\u003elibcrux-ml-dsa\u003c/code\u003e library, a Rust implementation of ML-DSA (a post-quantum signature scheme), contains a vulnerability in its AVX2 implementation of signature verification. Specifically, the \u003ccode\u003euse_hint\u003c/code\u003e function incorrectly handles an edge case. This flaw allows an attacker to potentially bypass signature verification and forge valid signatures under a maliciously generated verification key when the AVX2 implementation is utilized. This vulnerability affects versions prior to 0.0.9. 
Defenders should ensure the library is updated to version 0.0.9 or later to mitigate the risk of signature forgery.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker analyzes the vulnerable \u003ccode\u003euse_hint\u003c/code\u003e function within the AVX2 implementation of \u003ccode\u003elibcrux-ml-dsa\u003c/code\u003e versions prior to 0.0.9.\u003c/li\u003e\n\u003cli\u003eThe attacker identifies the specific edge case in the \u003ccode\u003euse_hint\u003c/code\u003e function that is mishandled.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious ML-DSA signature that exploits the identified edge case.\u003c/li\u003e\n\u003cli\u003eThe attacker generates a malicious verification key designed to amplify the vulnerability.\u003c/li\u003e\n\u003cli\u003eAttacker targets a system or application that relies on \u003ccode\u003elibcrux-ml-dsa\u003c/code\u003e for signature verification using the AVX2 implementation.\u003c/li\u003e\n\u003cli\u003eThe vulnerable \u003ccode\u003elibcrux-ml-dsa\u003c/code\u003e library attempts to verify the crafted signature using the malicious verification key.\u003c/li\u003e\n\u003cli\u003eDue to the mishandled edge case, the \u003ccode\u003euse_hint\u003c/code\u003e function incorrectly accepts the invalid signature as valid.\u003c/li\u003e\n\u003cli\u003eThe targeted system or application trusts the forged signature, leading to unauthorized access or execution of malicious code.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows an attacker to bypass signature verification mechanisms in applications using the \u003ccode\u003elibcrux-ml-dsa\u003c/code\u003e library prior to version 0.0.9. This could lead to complete system compromise, unauthorized code execution, or data manipulation. 
While the exact number of affected systems is unknown, any application utilizing the vulnerable library for signature verification is at risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade \u003ccode\u003erust/libcrux-ml-dsa\u003c/code\u003e to version \u003ccode\u003e0.0.9\u003c/code\u003e or later to patch the vulnerability (reference: Mitigation section).\u003c/li\u003e\n\u003cli\u003eMonitor applications using \u003ccode\u003elibcrux-ml-dsa\u003c/code\u003e for unexpected behavior related to signature verification, such as unauthorized access attempts (reference: Overview).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-19T16:21:24Z","date_published":"2026-05-19T16:21:24Z","id":"https://feed.craftedsignal.io/briefs/2026-05-libcrux-ml-dsa-sig-bypass/","summary":"The AVX2 implementation of ML-DSA verification in libcrux-ml-dsa mishandles an edge case in the `use_hint` function, potentially allowing an attacker to craft an invalid signature that is accepted by the verifier if the AVX2 implementation is used.","title":"libcrux-ml-dsa Signature Verification Bypass Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-libcrux-ml-dsa-sig-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — Libcrux-Ml-Dsa (\u003c 0.0.9)","version":"https://jsonfeed.org/version/1.1"}