Bug 2371624 (CVE-2025-8556, GHSA-2x5j-vhc8-9cwm) - CVE-2025-8556 github.com/cloudflare/circl: CIRCL-Fourq: Missing and wrong validation can lead to incorrect results
Summary: CVE-2025-8556 github.com/cloudflare/circl: CIRCL-Fourq: Missing and wrong val...
Keywords:
Status: NEW
Alias: CVE-2025-8556, GHSA-2x5j-vhc8-9cwm
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2386282 2386285 2386286 2386288 2386290 2386291 2386292 2386293 2386294 2386295 2386296 2386297 2386298 2386300 2386302 2386303 2386304 2386305 2386306 2386307 2386308 2386309 2386310 2386312 2386281 2386283 2386284 2386287 2386289 2386299 2386301 2386311
Blocks:
 
Reported: 2025-06-11 00:01 UTC by OSIDB Bzimport
Modified: 2025-08-04 19:11 UTC (History)
CC List: 82 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2025-06-11 00:01:15 UTC
### Impact
The CIRCL implementation of FourQ fails to validate user-supplied low-order points during Diffie-Hellman key exchange, potentially allowing attackers to force the identity point and compromise session security.

Moreover, an incorrect point validation in ScalarMult can lead to incorrect results in the isEqual function and in the check of whether a point is on the curve.
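The two checks the advisory is about, as an added example in Go (CIRCL is a Go library); this is not CIRCL's code and it does not implement FourQ. It uses a constructed toy short-Weierstrass curve, y^2 = x^3 + x + 1 over F_23, whose group has 28 points (prime subgroup of order 7, cofactor 4), so low-order points such as (4, 0) actually exist and can be enumerated. The names Point, isOnCurve, scalarMult, curveParams and validatePeerPoint are this example's own. validatePeerPoint rejects the identity, any point that fails the on-curve check, and any point P with h*P equal to the identity, which is exactly the class of input the advisory says was not being rejected before multiplying by the private scalar.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

// Constructed toy curve y^2 = x^3 + a*x + b over F_23 (a = b = 1). It has 28
// points including the identity, so the prime subgroup has order 7 and the
// cofactor is 4; the point (4, 0) has order 2. FourQ itself is not implemented.
const p, a, b = 23, 1, 1

type Point struct{ X, Y int; Inf bool } // affine; Inf marks the identity

var identity = Point{Inf: true}

func mod(x int) int { return ((x % p) + p) % p }

// inv returns x^-1 mod p (p is prime, so the inverse exists for x != 0 mod p).
func inv(x int) int {
	return int(new(big.Int).ModInverse(big.NewInt(int64(mod(x))), big.NewInt(p)).Int64())
}

// isOnCurve: in-range coordinates that satisfy the curve equation (or identity).
func isOnCurve(P Point) bool {
	return P.Inf || (P.X >= 0 && P.X < p && P.Y >= 0 && P.Y < p &&
		mod(P.Y*P.Y) == mod(P.X*P.X*P.X+a*P.X+b))
}

// add is the affine group law; inputs are assumed to be on the curve.
func add(P, Q Point) Point {
	switch {
	case P.Inf:
		return Q
	case Q.Inf:
		return P
	case P.X == Q.X && mod(P.Y+Q.Y) == 0:
		return identity // Q == -P, including doubling a point with y == 0
	}
	num, den := Q.Y-P.Y, Q.X-P.X // chord slope
	if P.X == Q.X {
		num, den = 3*P.X*P.X+a, 2*P.Y // tangent slope (doubling)
	}
	lambda := mod(num * inv(den))
	x3 := mod(lambda*lambda - P.X - Q.X)
	return Point{X: x3, Y: mod(lambda*(P.X-x3) - P.Y)}
}

func scalarMult(k int, P Point) Point { // double-and-add
	R := identity
	for ; k > 0; k >>= 1 {
		if k&1 == 1 {
			R = add(R, P)
		}
		P = add(P, P)
	}
	return R
}

// curveParams counts the points (feasible only for a toy curve) and returns
// the group order n, its largest prime factor q and the cofactor h = n/q.
func curveParams() (n, q, h int) {
	n = 1 // the identity
	for x := 0; x < p; x++ {
		for y := 0; y < p; y++ {
			if isOnCurve(Point{X: x, Y: y}) {
				n++
			}
		}
	}
	for f, m := 2, n; m > 1; f++ { // trial division
		for m%f == 0 {
			q, m = f, m/f
		}
	}
	return n, q, n / q
}

// validatePeerPoint: the checks a DH implementation needs before multiplying a
// received point by its private scalar. A point with h*P == identity has order
// dividing h, so the "shared secret" derived from it takes only a few values.
func validatePeerPoint(P Point) error {
	if P.Inf {
		return errors.New("identity point rejected")
	}
	if !isOnCurve(P) {
		return errors.New("point is not on the curve")
	}
	if _, _, h := curveParams(); scalarMult(h, P).Inf {
		return errors.New("low-order point rejected")
	}
	return nil
}

func main() {
	for _, P := range []Point{identity, {X: 1, Y: 1}, {X: 4, Y: 0}, {X: 0, Y: 1}} {
		fmt.Printf("%+v: %v\n", P, validatePeerPoint(P))
	}
}
```

Running it prints one line per candidate point: the identity, the off-curve point (1, 1) and the order-2 point (4, 0) are rejected with the reason, while (0, 1) passes. On a real curve the cofactor is a fixed constant rather than something computed by enumeration, and the on-curve check must run on the decoded coordinates before any group arithmetic, since the advisory's second issue is precisely arithmetic (ScalarMult) misbehaving on inputs that were never checked.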


### Patches
Version 1.6.1 (https://github.com/cloudflare/circl/tree/v1.6.1) mitigates the identified issues.

We acknowledge Alon Livne (Botanica Software Labs) for the reported findings.

