7 matches found
OPENSUSE-SU-2026:20233-1 Security update for openCryptoki
This update for openCryptoki fixes the following issues: Upgrade openCryptoki to 3.26 jscPED-14609 Security fixes: - CVE-2026-22791: supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. - CVE-2026-23893: Privilege Escalation or Data Exposure vi...
OESA-2026-1320 opencryptoki security update
openCryptoki is an implementation of the PKCS 11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...
SUSE SLES15 Security Update : openCryptoki (SUSE-SU-2026:0291-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0291-1 advisory. - CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. Tenable ha...
Security update for openCryptoki
This update for openCryptoki fixes the following issues: CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Linux Distros Unpatched Vulnerability : CVE-2026-22791
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openCryptoki is a PKCS11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKMECDHAESKEYWRAP...
openCryptoki-3.26.0-3.1 on GA media (moderate)
openCryptoki-3.26.0-3.1 on GA media Announcement ID: openSUSE-SU-2026:10048-1 Rating: moderate Cross-References: CVE-2026-22791 CVSS scores: CVE-2026-22791 SUSE : 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2026-22791 SUSE : 6.9...
CVE-2026-22791
openCryptoki is a PKCS11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKMECDHAESKEYWRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...