CVE-2026-50185
Received Received - Intake

Incorrect Output in RustCrypto CMOV Conditional Move Operations

Vulnerability report for CVE-2026-50185, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-17

Last updated on: 2026-07-17

Assigner: GitHub, Inc.

Description

RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. From 0.1.1 until 0.5.4, the aarch64 implementations of Cmov and CmovEq in cmov/src/backends/aarch64.rs assume high bits are zero-extended when loading values smaller than a register, so set high bits such as [8..] in a Cmov selector or [16..] of self or other in the u16 and i16 CmovEq implementations can cause left.cmovz(&right, condition) to produce incorrect output. This issue is fixed in version 0.5.4.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-17
Last Modified
2026-07-17
Generated
2026-07-18
AI Q&A
2026-07-17
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
rustcrypto cmov From 0.1.1 (inc) to 0.5.4 (exc)
rustcrypto cmov 0.5.4

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-758 The product uses an API function, data structure, or other entity in a way that relies on properties that are not always guaranteed to hold for that entity.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability affects the RustCrypto CMOV crate's aarch64 implementations of Cmov and CmovEq functions. It occurs when high bits of registers are set, causing incorrect results in conditional move operations. The issue arises because the aarch64 assembly assumes high bits are zero-extended when loading smaller values, which is not guaranteed. This affects versions 0.1.1 to 0.5.3 and was fixed in 0.5.4.

Detection Guidance

Detecting this vulnerability requires checking if your system uses the affected RustCrypto cmov crate versions (0.1.1 to 0.5.3) on aarch64 architecture. Inspect your project's dependency tree using commands like cargo tree or grep for cmov in Cargo.lock files. No direct network detection is possible as this is a local library issue.

Impact Analysis

This vulnerability could lead to incorrect conditional move operations, potentially causing unintended behavior in cryptographic operations or other security-sensitive code. If high bits are set in registers, the conditional selection may fail, producing wrong results. This is particularly risky in applications relying on constant-time execution for security.

Compliance Impact

This vulnerability does not directly affect compliance with GDPR, HIPAA, or similar standards. It is a low-severity bug in conditional move operations for cryptographic operations on aarch64 platforms, which could lead to incorrect results in specific edge cases. Compliance impacts would only occur if the bug caused data integrity issues in systems handling regulated data, but no evidence suggests such a scenario.

Mitigation Strategies

Immediately update the cmov crate to version 0.5.4 or later in your Rust projects. Use cargo update -p cmov or modify your Cargo.toml to specify cmov = "=0.5.4". Rebuild and redeploy affected applications after updating dependencies.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-50185. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart