This page does not guarantee that it is a comprehensive survey, and does not guarantee accuracy of any particular item. Please check status directly with your library maintainers.

Kyber libraries that have divisions with secret inputs as of 28 June 2024 (libraries are listed in alphabetical order):

• antontutoveanu/crystals-kyber-javascript: not patched yet; no security announcement yet

• Argyle-Software/kyber: not patched yet; security announcement 9 February 2024 (apparently announced by bwesterb/argyle-kyber)

• debian/src/liboqs/unstable/src/kem/kyber: not patched yet; no security announcement yet

• PQClean/PQClean/crypto_kem/kyber*/aarch64: not patched yet; security announcement 25 January 2024

Kyber libraries that had divisions with secret inputs at the start of December 2023, but have been patched for KyberSlash1 and KyberSlash2 (libraries are listed in reverse chronological order of KyberSlash2 patch date):

• sebastienrousseau/kyberlib/src/reference: patched 12 May 2024 for KyberSlash1 and KyberSlash2; no security announcement yet

• mupq/pqm4/crypto_kem/kyber*: patched 20 December 2023 for KyberSlash1; patched 23 February 2024 for KyberSlash2; no security announcement yet (but maintainer comments "Scary")

• JamesTheAwesomeDude/pypqc: patched 26 January 2024 for KyberSlash1 and KyberSlash2; patch labeled as "upstream security fix"

• rustpq/pqcrypto/pqcrypto-kyber: patched 25 January 2024 for KyberSlash1 and KyberSlash2 ("potential" side-channel vulnerabilities); had also been patched downstream in Signal on 5 January 2024

• PQClean/PQClean/crypto_kem/kyber*/clean: patched 25 January 2024 for KyberSlash1 and KyberSlash2; security announcement 25 January 2024

• kudelskisecurity/crystals-go: patched 10 January 2024 for KyberSlash1; patched 16 January 2024 for KyberSlash2; security announcement 16 January 2024

• liboqs/src/kem/kyber: patched 15 December 2023 for KyberSlash1; patched 8 January 2024 for KyberSlash2; security announcement 16 January 2024

• randombit/botan: patched 20 December 2023 for KyberSlash1; patched 4 January 2024 for KyberSlash2; security announcement 13 February 2024 ("Fix potential timing side channels in Kyber")

• aws/aws-lc/crypto/kyber, fips-2022-11-02 branch: patched 19 December 2023 for KyberSlash1; patched 4 January 2024 for KyberSlash2; no security announcement yet

• aws/aws-lc/crypto/kyber, main branch: patched 16 December 2023 for KyberSlash1; patched 2 January 2024 for KyberSlash2; no security announcement yet

• cloudflare/circl: patched 1 January 2024 for KyberSlash2 (says KyberSlash1 wasn't applicable); security announcement 8 January 2024 for KyberSlash2

• symbolicsoft/kyber-k2so: patched 16 December 2023 for KyberSlash1; security announcement 19 December 2023 for KyberSlash1; patched 30 December 2023 for KyberSlash2; security announcement updated 30 December 2023 for KyberSlash2

• pq-crystals/kyber/ref: patched 1 December 2023 for KyberSlash1; patched 30 December 2023 for KyberSlash2; no security announcement yet

• zig/lib/std/crypto/kyber_d00.zig: patched 22 December 2023 for KyberSlash (in a unified division function, so both KyberSlash1 and KyberSlash2 are covered); no security announcement yet

Kyber libraries that reportedly never had divisions with secret inputs, part 1, released before KyberSlash was announced:

• boringssl/crypto/kyber

• filippo.io/mlkem768

• formosa-crypto/libjade/src/crypto_kem/kyber/common/amd64/avx2

• formosa-crypto/libjade/src/crypto_kem/kyber/common/amd64/ref

• pq-crystals/kyber/avx2

• pqclean/crypto_kem/kyber*/avx2

• sebastienrousseau/kyberlib/src/avx2

Kyber libraries that reportedly never had divisions with secret inputs, part 2, released after KyberSlash was announced:

• awslabs/LibMLKEM