What is GHSA-hc3c-63hc-2r9f?

GHSA-hc3c-63hc-2r9f is a security advisory published by GitHub Security Advisories with High severity. libcrux: Potential Panic on Overlong Ciphertext Buffer

Why does GHSA-hc3c-63hc-2r9f have no CVE ID yet?

GitHub Security Advisories published this advisory directly to customers before NVD assigned a CVE ID. This is the embargo-window disclosure pattern — vendors notify customers on day 0; NVD's public record follows days to weeks later.

Which products are affected by GHSA-hc3c-63hc-2r9f?

GHSA-hc3c-63hc-2r9f affects 1 product, including: rust/libcrux-chacha20poly1305:\u003c 0.0.8.

GHSA-hc3c-63hc-2r9fHighDisclosed before NVD

libcrux: Potential Panic on Overlong Ciphertext Buffer

Vendor

GitHub Security Advisories

Published

May 19, 2026

Last Modified

May 19, 2026

📋 Description

An application that passes in a ciphertext buffer of length greater than `ptxt.len() + TAG_LEN` to `libcrux_chacha20poly1305::encrypt` or `libcrux_chacha20poly1305::xchacha20_poly1305::encrypt` would experience a panic. ## Impact An application where the length of the ciphertext buffer is under attacker control could be made to crash. ## Mitigation The fix makes it so that `libcrux_chacha20poly1305::encrypt` and `libcrux_chacha20poly1305::xchacha20_poly1305::encrypt` no longer panic in this case, but instead write out the ciphertext and tag into the first `ptxt.len() + TAG_LEN` bytes of the provided buffer.

🎯 Affected products1

rust/libcrux-chacha20poly1305:< 0.0.8

🔗 References (3)

https://github.com/cryspen/libcrux/pull/1386
https://rustsec.org/advisories/RUSTSEC-2026-0124.html
https://github.com/advisories/GHSA-hc3c-63hc-2r9f