CVE-2026-41509
Buffer Overflow in CROSS Post-Quantum Signature Algorithm
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cross_signature | cross_implementation | to fc6b7e7 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves verifying whether the vulnerable version of the CROSS implementation is in use, specifically checking if the `crypto_sign_open()` function lacks the security check introduced in commit fc6b7e7.
One practical approach is to inspect the source code or binary for the presence of the validation that ensures the input signature length (`smlen`) is at least the size of the `CROSS_sig_t` structure. If this check is missing, the system is vulnerable.
Since this is a code-level vulnerability, network detection commands are not directly applicable. However, you can use the following commands to check the version or patch status if you have access to the source or binaries:
- Use `git log -p -1 fc6b7e7` in the CROSS implementation repository to verify if the patch commit is applied.
- Search the source code for the presence of the length check in `Reference_Implementation/lib/sign.c` using `grep -A5 'crypto_sign_open' Reference_Implementation/lib/sign.c` and look for the validation of `smlen`.
- If binaries are used, check their build date or version metadata to confirm if they include the patch.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to apply the patch introduced in commit fc6b7e7 to the CROSS implementation. This patch adds a validation in the `crypto_sign_open()` function to prevent buffer overflow by rejecting undersized signatures.
If you maintain or deploy the CROSS implementation, update your codebase or binaries to include this fix as soon as possible.
Additionally, avoid processing untrusted or malformed signatures that could trigger the buffer overflow.
Monitor for any updates or advisories from the CROSS implementation maintainers and apply further patches or security recommendations promptly.
Can you explain this vulnerability to me?
CVE-2026-41509 is a vulnerability in the CROSS implementation of the CROSS post-quantum signature algorithm. It involves a buffer overflow in the function crypto_sign_open() caused by an integer underflow of the variable mlen. This underflow leads to memory corruption, which can cause the program to behave unexpectedly or crash. The issue arises because the function does not properly validate the length of the input signature before processing it.
The vulnerability was fixed by adding a security check in the crypto_sign_open() function to ensure that the input signature length (smlen) is at least as large as the expected signature structure size. If the input is smaller, the function returns an error immediately, preventing the buffer overflow.
How can this vulnerability impact me? :
This vulnerability can lead to memory corruption through a stack-based or heap-based buffer overflow. Such memory corruption can allow an attacker to execute arbitrary code or cause a denial of service by crashing the application using the vulnerable function.
Because the flaw is in the implementation of the signature verification function, an attacker might exploit it by providing specially crafted signatures that trigger the buffer overflow, potentially compromising the security of systems relying on this implementation.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.