Description
RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. From 0.1.1 until 0.5.4, the aarch64 implementations of Cmov and CmovEq in cmov/src/backends/aarch64.rs assume high bits are zero-extended when loading values smaller than a register, so set high bits such as [8..] in a Cmov selector or [16..] of self or other in the u16 and i16 CmovEq implementations can cause left.cmovz(&right, condition) to produce incorrect output. This issue is fixed in version 0.5.4.
Published: 2026-07-17
Score: 2 Low
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-3rjw-m598-pq24 Cmov/CmovEq on aarch64 can produce wrong results if high-bits of registers are set
History

Fri, 17 Jul 2026 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Rustcrypto
Rustcrypto utils
Vendors & Products Rustcrypto
Rustcrypto utils

Fri, 17 Jul 2026 19:00:00 +0000

Type Values Removed Values Added
Description RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. From 0.1.1 until 0.5.4, the aarch64 implementations of Cmov and CmovEq in cmov/src/backends/aarch64.rs assume high bits are zero-extended when loading values smaller than a register, so set high bits such as [8..] in a Cmov selector or [16..] of self or other in the u16 and i16 CmovEq implementations can cause left.cmovz(&right, condition) to produce incorrect output. This issue is fixed in version 0.5.4.
Title RustCrypto Cmov/CmovEq on aarch64 can produce wrong results if high-bits of registers are set
Weaknesses CWE-758
References
Metrics cvssV4_0

{'score': 2, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Rustcrypto Utils
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-07-17T18:35:02.078Z

Reserved: 2026-06-03T22:05:13.644Z

Link: CVE-2026-50185

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-17T21:15:05Z

Weaknesses
  • CWE-758

    Reliance on Undefined, Unspecified, or Implementation-Defined Behavior