diff --git a/CHANGELOG.md b/CHANGELOG.md
index e39c273..9d7d853 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog
+## 2024-01-25
+
+* Update Kyber `clean` implementation to avoid potential Kyber side-channel vulnerabilities.
+ Note that the `aarch64` implementation is still vulnerable, but it is waiting for other updates.
+ This library is for experimental purposes, so security vulnerabilties are addressed on a best-effort basis.
+
 ## 2023-10-16
 * Update Kyber to draft FIPS standard
diff --git a/implementations.yaml b/implementations.yaml
index 2d4d29c..fa53b4f 100644
--- a/implementations.yaml
+++ b/implementations.yaml
@@ -5,7 +5,7 @@ traits_version: 0.3.5
 kems:
 kyber:
- version: 0.8.0
+ version: 0.8.1
 x86_avx2_guard: 'target_arch == "x86_64" && avx2_enabled && !is_windows && !is_macos'
 implementations: [clean, avx2, aarch64]
 schemes:
diff --git a/pqclean b/pqclean
index 0657749..3b43bc6 160000
--- a/pqclean
+++ b/pqclean
@@ -1 +1 @@
-Subproject commit 0657749a785db30e7f49e9435452cb042edb1852
+Subproject commit 3b43bc6fe46fe47be38f87af5019a7f1462ae6dd
diff --git a/pqcrypto-kyber/Cargo.toml b/pqcrypto-kyber/Cargo.toml
index 5474acf..9449835 100644
--- a/pqcrypto-kyber/Cargo.toml
+++ b/pqcrypto-kyber/Cargo.toml
@@ -2,7 +2,7 @@
 name = "pqcrypto-kyber"
 description = "Post-Quantum Key-Encapsulation Mechanism kyber"
 readme = "README.md"
-version = "0.8.0"
+version = "0.8.1"
 authors = ["Thom Wiggers "]
 edition = "2021"
 license = "MIT OR Apache-2.0"
diff --git a/pqcrypto/Cargo.toml b/pqcrypto/Cargo.toml
index 2c15726..baca2a4 100644
--- a/pqcrypto/Cargo.toml
+++ b/pqcrypto/Cargo.toml
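Review bot: The `aarch64` backend stays enabled in `implementations: [clean, avx2, aarch64]` even though this same commit's changelog entry states that implementation is still vulnerable to the Kyber side channel the `clean` update fixes; the only place a user learns this is a changelog sentence, not the build. Unlike `avx2`, which is gated by `x86_avx2_guard`, there is no guard visible here for `aarch64`, so if the generated crate selects the aarch64 backend automatically on those targets (I am inferring the selection logic from the guard pattern, not from this file) consumers on aarch64 get the unpatched code silently. Until the upstream fix lands I would either drop `aarch64` from the list or, at minimum, annotate it in place, e.g. `implementations: [clean, avx2, aarch64]  # aarch64 not yet patched for the Kyber side channel, see CHANGELOG 2024-01-25`, so the next generator run and anyone reading the config sees the known gap. The surrounding `kems.kyber` mapping continues outside this hunk.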
@@ -13,7 +13,7 @@ categories = ["cryptography"]
 [dependencies]
 pqcrypto-traits = { path = "../pqcrypto-traits", version = "0.3.5" }
-pqcrypto-kyber = { path = "../pqcrypto-kyber", version = "0.8.0", optional = true }
+pqcrypto-kyber = { path = "../pqcrypto-kyber", version = "0.8.1", optional = true }
 pqcrypto-classicmceliece = { path = "../pqcrypto-classicmceliece", version = "0.2.0", optional = true }
 pqcrypto-hqc = { path = "../pqcrypto-hqc", version = "0.2.0", optional = true }
 pqcrypto-dilithium = { path = "../pqcrypto-dilithium", version = "0.5.0", optional = true }