13 matches found
Security update for leancrypto (moderate)
openSUSE security update: security update for leancrypto ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20783-1 Rating: moderate References: bsc1253654 bsc1254370 bsc1261382 bsc1262399 Cross-References: CVE-2026-34610 CVSS scores: CVE-2026-34610 SU...
OPENSUSE-SU-2026:20783-1 Security update for leancrypto
This update for leancrypto fixes the following issues Security issue: - CVE-2026-34610: The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when stori...
SUSE-SU-2026:21824-1 Security update for leancrypto
This update for leancrypto fixes the following issues Security issue: - CVE-2026-34610: The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when stori...
SUSE-SU-2026:21754-1 Security update for leancrypto
This update for leancrypto fixes the following issues Security issue: - CVE-2026-34610: The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when stori...
leancrypto-devel-1.7.2-1.1 on GA media (moderate)
leancrypto-devel-1.7.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10563-1 Rating: moderate Cross-References: CVE-2026-34610 CVSS scores: CVE-2026-34610 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...
OPENSUSE-SU-2026:10563-1 leancrypto-devel-1.7.2-1.1 on GA media
These are all security issues fixed in the leancrypto-devel-1.7.2-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2026-34610
The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when storing the Common Name CN length. An attacker who crafts a certificate with CN = victim's CN +...
CVE-2026-34610
A flaw was found in the leancrypto cryptographic library. A remote attacker can exploit an integer overflow vulnerability in the lcx509extractnamesegment function when processing the Common Name CN field of an X.509 certificate. By crafting a specially designed certificate, an attacker can cause...
CVE-2026-34610 leancrypto: Integer truncation in X.509 name parser enables certificate identity impersonation
The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when storing the Common Name CN length. An attacker who crafts a certificate with CN = victim's CN +...
CVE-2026-34610 leancrypto: Integer truncation in X.509 name parser enables certificate identity impersonation
The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when storing the Common Name CN length. An attacker who crafts a certificate with CN = victim's CN +...
EUVD-2026-18466
The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when storing the Common Name CN length. An attacker who crafts a certificate with CN = victim's CN +...
CVE-2026-34610
The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when storing the Common Name CN length. An attacker who crafts a certificate with CN = victim's CN +...
CVE-2026-34610
The CVE affects leancrypto's PQC-focused crypto library. Before 1.7.1, lc_x509_extract_name_segment() truncates size_t vlen to uint8_t for CN length, allowing an attacker to craft a certificate whose CN impersonates the victim’s CN during PKCS#7 verification, certificate chain matching, and code ...