Description
PyQuorum is a cryptographic library for secret sharing and key management. Prior to 0.2.1, the mul_mod function implements multiplication via a binary expansion loop whose execution time depends on the Hamming weight of the second operand (the exponent). An attacker who can measure the time of secret‑sharing operations (e.g., via a remote service) could progressively recover the values of shares, ultimately leading to secret reconstruction. This vulnerability is fixed in 0.2.1.
Published: 2026-05-13
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The mul_mod function in PyQuorum performs multiplication using a binary expansion loop whose execution time depends on the Hamming weight of the second operand (described in the advisory as the exponent). This timing variability allows an attacker who can observe operation durations—such as through a remote service—to determine that operand on a run‑by‑run basis. Because PyQuorum is used for secret‑sharing and key‑management, successive recovery of share values eventually yields the protected secret. The vulnerability is a classic example of a timing side‑channel (CWE‑208).

Affected Systems

The flaw affects the PyQuorum library distributed by svvqt prior to its 0.2.1 release. Any deployment of an older version that performs mul_mod under potentially observable conditions is susceptible.

Risk and Exploitability

The CVSS score of 6.9 indicates moderate overall severity. While no EPSS score is presently available, the likelihood of exploitation is non‑negligible given the remote timing attack possibility, and the vulnerability is not yet catalogued in the CISA KEV list. The likely attack vector is a remote timing side‑channel: an attacker exploiting a remote service that runs secret‑sharing operations can measure response times to gradually deduce share values.

Generated by OpenCVE AI on May 13, 2026 at 21:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update PyQuorum to version 0.2.1 or later, where the timing dependency in mul_mod has been removed.
  • Reduce or eliminate observable timing data from the secret‑sharing service—e.g., by running the code in a sandbox, disabling exposed timing APIs, or transmitting encrypted timing metrics.
  • If patching is impossible immediately, apply a countermeasure that introduces random delay or normalises execution time for mul_mod calls, and monitor for abnormal timing patterns that could indicate exploitation.

Generated by OpenCVE AI on May 13, 2026 at 21:36 UTC.

Advisories
Source: Github GHSA
ID: GHSA-7r92-3jgr-r65q
Title: pyquorum: Timing side‑channel in mul_mod
History

Fri, 15 May 2026 19:15:00 +0000

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 14 May 2026 15:00:00 +0000

Type: First Time appeared
Values Added: Svvqt; Svvqt pyquorum

Type: Vendors & Products
Values Added: Svvqt; Svvqt pyquorum

Wed, 13 May 2026 20:30:00 +0000

Type: Description
Values Added: PyQuorum is a cryptographic library for secret sharing and key management. Prior to 0.2.1, the mul_mod function implements multiplication via a binary expansion loop whose execution time depends on the Hamming weight of the second operand (the exponent). An attacker who can measure the time of secret‑sharing operations (e.g., via a remote service) could progressively recover the values of shares, ultimately leading to secret reconstruction. This vulnerability is fixed in 0.2.1.

Type: Title
Values Added: PyQuorum: Timing side‑channel in mul_mod

Type: Weaknesses
Values Added: CWE-208

Type: References

Type: Metrics
Values Added: cvssV4_0 {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-15T18:44:14.203Z

Reserved: 2026-05-05T20:15:20.631Z

Link: CVE-2026-44368

Vulnrichment

Updated: 2026-05-15T18:43:57.205Z

NVD

Status : Deferred

Published: 2026-05-13T21:16:47.730

Modified: 2026-05-14T17:00:31.310

Link: CVE-2026-44368

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-14T14:33:31Z

Weaknesses