
GHSA-rc4p-p3j9-6577
Python vulnerability analysis and mitigation

Overview

KyberSlash (GHSA-rc4p-p3j9-6577) is a timing vulnerability affecting pypqc versions 0.0.4 through 0.0.6.1. The vulnerability affects the kyber512, kyber768, and kyber1024 implementations, where an attacker can potentially recover the private key by analyzing timing information from decapsulation requests. The issue was discovered in December 2023 and patched in January 2024 (KyberSlash Website, GitHub Advisory).

Technical details

The vulnerability stems from division operations ('/KYBER_Q') in the message decoding procedure (poly_tomsg) used in decryption and in the compression functions (poly_compress and polyvec_compress) used in encryption. When compiled, these operations may result in variable-time execution depending on the input values, leading to timing side-channels. The vulnerability is split into two parts: KyberSlash1 affecting poly_tomsg and KyberSlash2 affecting poly_compress and polyvec_compress functions (PQC Forum).

Impact

An attacker able to submit multiple decapsulation requests against a single private key and measure timing information could potentially recover the private key. The vulnerability is particularly concerning in the re-encryption process of the FO transformed decapsulation procedure, where timing variations can be exploited through maliciously crafted skewed chosen ciphertexts (GitHub Advisory).

Mitigation and workarounds

The vulnerability has been patched in version 0.0.6.1 of pypqc. The fix involves replacing the vulnerable division operations with constant-time alternatives. Users should upgrade to version 0.0.6.1 or newer, which is a drop-in replacement with no known breaking changes (GitHub Advisory).
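The division-by-KYBER_Q rounding step described under Technical details, next to a division-free equivalent, as an added example (not pypqc's or the Kyber team's code). It assumes the coefficient is already reduced to [0, q) with q = 3329; the function names and the multiply-and-shift constants are this example's own, and it checks them exhaustively.

```c
#include <stdint.h>
#include <stdio.h>

#define KYBER_Q 3329 /* Kyber modulus */

/* Pre-patch style: round(2*c/q) mod 2 using '/'. Depending on compiler and
 * target, this can become a hardware divide whose latency varies with the
 * secret-derived operand. */
static uint32_t tomsg_bit_div(uint16_t c) {
    uint32_t t = c; /* assumption: already reduced to [0, q) */
    return (((t << 1) + KYBER_Q / 2) / KYBER_Q) & 1;
}

/* Division-free form: multiply by 80635 = floor(2^28 / q), then shift.
 * The +1665 offset (instead of q/2 = 1664) absorbs the rounding error of
 * the truncated reciprocal for every input in [0, q). */
static uint32_t tomsg_bit_ct(uint16_t c) {
    uint32_t t = c;
    t <<= 1;
    t += 1665;
    t *= 80635; /* max 8321 * 80635 < 2^32, so no overflow */
    t >>= 28;
    return t & 1;
}

/* Exhaustive equivalence check over every reduced coefficient value. */
static int count_mismatches(void) {
    int bad = 0;
    for (uint32_t c = 0; c < KYBER_Q; c++)
        if (tomsg_bit_div((uint16_t)c) != tomsg_bit_ct((uint16_t)c))
            bad++;
    return bad;
}

int main(void) {
    int bad = count_mismatches();
    printf("mismatches over [0, q): %d\n", bad);
    return bad != 0;
}
```

Whether the first form actually compiles to a divide instruction depends on optimization level and architecture, so inspect the generated assembly for the build you ship.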

Community reactions

The vulnerability was initially discovered by Cryspen researchers and reported privately. The Kyber team implemented patches in multiple stages, with Peter Schwabe first partially patching KyberSlash1 on December 1st, 2023, followed by a complete patch for both KyberSlash1 and KyberSlash2 on December 29th, 2023. The vulnerability has led to significant discussion in the cryptographic community about the importance of constant-time implementations (KyberSlash Website).

Source: This report was generated using AI
