SUSE-SU-2026:21575-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues Security issue: - CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects bsc1262283. Non security issue: - Refactored .spec file to fully support transactional and immutable operating systems jscPED-14609: Migrated user...

Linux Distros Unpatched Vulnerability : CVE-2026-40253

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common libra...

Linux Distros Unpatched Vulnerability : CVE-2021-3798

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via CCreateObject, nor when...

A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack.

...