Description
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a correctly-sized signature buffer for the declared algorithm but a public key whose OID bytes (pk[0..3]) reference a different XMSS parameter set with a larger sig_bytes, the implementation re-parses the OID from the public key inside xmss_sign_open / xmssmt_sign_open and uses the resulting (larger) sig_bytes to index the caller-supplied signature buffer. As with CVE-2026-44518, the out-of-bounds bytes are consumed only as input to an internal hash computation and are not returned to the caller, so no oracle exists to leak their contents to an attacker. The primary observable effect is a possible crash (denial of service) of the verifying process if the read crosses into an unmapped memory page. This vulnerability is fixed in 0.16.0.
Published: 2026-05-29
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a heap buffer overflow in liboqs' XMSS and XMSS^MT signature verification code. When a verification call is made with a signature buffer sized for the declared algorithm but a public key whose OID identifies a different XMSS parameter set with a larger signature length, the code re-parses the OID, selects the larger expected signature length, and indexes into the caller-supplied buffer. This results in an out-of-bounds read (CWE-125) whose bytes are consumed only by an internal hash computation. No attacker-controlled data is returned, so there is no disclosure, but the read may trigger a crash if it crosses into unmapped memory, causing a denial of service.

Affected Systems

The affected product is open‑quantum‑safe’s liboqs library. Versions prior to 0.16.0 are vulnerable; the bug is fixed in the 0.16.0 release. All builds of the library that include the XMSS or XMSS^MT interfaces before this version are impacted.

Risk and Exploitability

The CVSS score is 5.3, indicating moderate severity. The EPSS score is not available, so the exploitation probability is not quantified, and the vulnerability is not listed in CISA’s KEV catalog. The impact is limited to a crash of the process performing verification, and the vulnerability is exploitable only when an attacker can supply a crafted signature and public key to the verification routine. In configurations where the library processes untrusted inputs—such as network services or cryptographic validation APIs—an attacker could trigger a denial of service. No known exploits have been reported, but the vulnerability could be abused in environments where maintaining service availability is critical.

Generated by OpenCVE AI on May 29, 2026 at 19:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade liboqs to version 0.16.0 or later, which contains the fixed verification logic.
  • If an upgrade is not feasible, validate that every signature verification call uses a public key and signature buffer pair that agree on algorithm parameters; reject any mismatch before invoking the verification function.
  • Implement defensive checks or sandbox the verification routine to isolate the process and prevent a crash from affecting the overall application.
  • Monitor logs for abnormal termination of cryptographic verification processes, as repeated crashes may indicate an attempted denial‑of‑service attack.
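A pre-verification check of the kind the second recommended action describes, added here as an illustration; it is not code from liboqs or from this advisory. It parses the OID from pk[0..3] and refuses to hand the inputs to the verifier unless the key's embedded OID, the key length and the signature length all agree with the parameter set the caller instantiated. The OID values and lengths are the single-tree XMSS-SHA2 sets from RFC 8391 (my assumption; the SHAKE and XMSS^MT sets would be added the same way), the sample keys are constructed, and the verify call it would precede in liboqs (OQS_SIG_STFL_verify) is an assumed name.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * XMSS parameter sets, single-tree SHA2 variants only, with the OID,
 * public-key size (4-byte OID + root + seed = 4 + 2n) and signature size
 * as tabulated in RFC 8391 Section 5.3. Assumed values: check them
 * against the build you deploy and extend with the sets you use.
 */
typedef struct {
    uint32_t oid;
    const char *name;
    size_t pk_bytes;
    size_t sig_bytes;
} xmss_params_t;

static const xmss_params_t XMSS_PARAMS[] = {
    {0x00000001u, "XMSS-SHA2_10_256", 68, 2500},
    {0x00000002u, "XMSS-SHA2_16_256", 68, 2692},
    {0x00000003u, "XMSS-SHA2_20_256", 68, 2820},
    {0x00000004u, "XMSS-SHA2_10_512", 132, 9092},
    {0x00000005u, "XMSS-SHA2_16_512", 132, 9476},
    {0x00000006u, "XMSS-SHA2_20_512", 132, 9732},
};

/* Parse the 4-byte big-endian OID that prefixes an XMSS public key (pk[0..3]). */
uint32_t xmss_pk_oid(const uint8_t *pk)
{
    return ((uint32_t)pk[0] << 24) | ((uint32_t)pk[1] << 16) |
           ((uint32_t)pk[2] << 8) | (uint32_t)pk[3];
}

/* Look up a parameter set by OID; NULL if it is not one we support. */
const xmss_params_t *xmss_lookup(uint32_t oid)
{
    for (size_t i = 0; i < sizeof XMSS_PARAMS / sizeof XMSS_PARAMS[0]; i++)
        if (XMSS_PARAMS[i].oid == oid)
            return &XMSS_PARAMS[i];
    return NULL;
}

/*
 * Gate in front of the library's verify call. expected_oid is the parameter
 * set the caller instantiated, i.e. the one sig_len was sized for. Returns 1
 * only when the key's embedded OID, the key length and the signature length
 * all agree with that set; on 0 the caller must reject the input unverified.
 */
int xmss_precheck(uint32_t expected_oid, const uint8_t *pk, size_t pk_len, size_t sig_len)
{
    const xmss_params_t *p = xmss_lookup(expected_oid);
    if (p == NULL)
        return 0;                 /* unknown or unsupported parameter set */
    if (pk == NULL || pk_len != p->pk_bytes)
        return 0;                 /* wrong key size; also guarantees pk[0..3] is readable */
    if (xmss_pk_oid(pk) != expected_oid)
        return 0;                 /* key claims a different parameter set: the mismatch this CVE describes */
    if (sig_len != p->sig_bytes)
        return 0;                 /* signature buffer not sized for this parameter set */
    return 1;
}

/* Constructed sample keys (not real keys): only the OID prefix matters for this check. */
static const uint8_t SAMPLE_PK_10_256[68] = {0x00, 0x00, 0x00, 0x01};
static const uint8_t SAMPLE_PK_20_256[68] = {0x00, 0x00, 0x00, 0x03};

int main(void)
{
    /* The caller instantiated XMSS-SHA2_10_256 and holds a 2500-byte signature buffer. */
    printf("key with matching OID:   %s\n",
           xmss_precheck(0x00000001u, SAMPLE_PK_10_256, sizeof SAMPLE_PK_10_256, 2500) ? "proceed to verify" : "reject");
    printf("key claiming 20_256:     %s\n",
           xmss_precheck(0x00000001u, SAMPLE_PK_20_256, sizeof SAMPLE_PK_20_256, 2500) ? "proceed to verify" : "reject");
    return 0;
}
```

The check deliberately compares against the parameter set the caller chose rather than trusting the OID in the key: the key's OID is attacker-supplied data in the scenario above, so it can only confirm the caller's expectation, never replace it.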

Advisories

No advisories yet.

History

Fri, 29 May 2026 19:45:00 +0000

Type                 Values Removed   Values Added
First Time appeared  -                Open Quantum Safe; Open Quantum Safe liboqs
Vendors & Products   -                Open Quantum Safe; Open Quantum Safe liboqs

Fri, 29 May 2026 19:30:00 +0000

Type      Values Removed   Values Added
Metrics   -                ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 29 May 2026 18:30:00 +0000

Type          Values Removed   Values Added
Description   -                (full text as in Description above)
Title         -                liboqs: Heap-buffer-overflow in XMSS verification path via OID-controlled parameter mismatch (xmss_commons.c:194)
Weaknesses    -                CWE-125
References    -                -
Metrics       -                cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-29T18:39:53.946Z

Reserved: 2026-05-13T18:37:30.990Z

Link: CVE-2026-46344

Vulnrichment

Updated: 2026-05-29T18:39:48.271Z

NVD

Status : Received

Published: 2026-05-29T19:16:25.350

Modified: 2026-05-29T19:16:25.350

Link: CVE-2026-46344

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-29T19:30:05Z

Weaknesses