liang-junkai/gist:a9fc693f8bdf176e9d9f56773bf20703

## gistfile1.txt
[NAME OF AFFECTED PRODUCT(S)]: liboqs
[AFFECTED AND/OR FIXED VERSION(S)]: 0.10.0
[CVE ID]: CVE-2024-31510
[PROBLEM TYPE]:
       [Vulnerability Type]: Fault Injection
       [Root Cause]: No check or protection in signature
       [Impact]: Allows attacker to obtain sensitive information and escalate privileges
[DESCRIPTION]: An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the crypto_sign_signature parameter in the /pqcrystals-dilithium-standard_ml-dsa-44-ipd_avx2/sign.c component.
[PUBLIC REFERENCES]: https://github.com/liang-junkai/Fault-injection-of-ML-DSA; https://github.com/open-quantum-safe/liboqs/tree/main
[DISCOVERS]: Junkai Liang, Zhi Zhang, Xin Zhang, Qingni Shen (Peking University, The University of Western Australia)
	[NAME OF AFFECTED PRODUCT(S)]: liboqs
	[AFFECTED AND/OR FIXED VERSION(S)]: 0.10.0
	[CVE ID]: CVE-2024-31510
	[PROBLEM TYPE]:
	[Vulnerability Type]: Fault Injection
	[Root Cause]: No check or protection in signature
	[Impact]: Allows attacker to obtain sensitive information and escalate privileges
	[DESCRIPTION]: An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the crypto_sign_signature parameter in the /pqcrystals-dilithium-standard_ml-dsa-44-ipd_avx2/sign.c component.
	[PUBLIC REFERENCES]: https://github.com/liang-junkai/Fault-injection-of-ML-DSA; https://github.com/open-quantum-safe/liboqs/tree/main
	[DISCOVERS]: Junkai Liang, Zhi Zhang, Xin Zhang, Qingni Shen (Peking University, The University of Western Australia)