RHSA-2026:4717 Red Hat Security Advisory: opencryptoki security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: opencryptoki security update

An update for opencryptoki is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

openCryptoki: openCryptoki: Privilege Escalation or Data Exposure via Symlink Following

A flaw was found in openCryptoki, a PKCS11 library and tooling for Linux and AIX. A token-group user can exploit a symlink-following vulnerability by planting symbolic links in group-writable token directories. When an administrator runs a PKCS11 application or administrative tool as root, it may...

ALSA-2026:4717 Moderate: opencryptoki security update

The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...

opencryptoki security update

3.25.0-5.2 - Resolves: RHEL-144815, Privilege Escalation or Data Exposure via Symlink Following...

Oracle Linux 10 : opencryptoki (ELSA-2026-4717)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-4717 advisory. 3.25.0-5.2 - Resolves: RHEL-144815, Privilege Escalation or Data Exposure via Symlink Following Tenable has extracted the preceding description block directly...

RHEL 10 : opencryptoki (RHSA-2026:4717)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4717 advisory. The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These...

Security update for openCryptoki

This update for openCryptoki fixes the following issues: CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

SUSE-SU-2026:0824-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: - CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116...

SUSE SLES12 Security Update : openCryptoki (SUSE-SU-2026:0581-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0581-1 advisory. - CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following bsc1257116. Tenable has extracted the preceding description block directl...

Security update for openCryptoki

This update for openCryptoki fixes the following issues: CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following bsc1257116. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...

SUSE-SU-2026:0581-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: - CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following bsc1257116...

SUSE: Security Advisory (SUSE-SU-2026:20434-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES16 Security Update : openCryptoki (SUSE-SU-2026:20434-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20434-1 advisory. Upgrade openCryptoki to 3.26 jscPED-14609 Security fixes: - CVE-2026-22791: supplying malformed compressed EC public key can lead ...

Security update for openCryptoki

This update for openCryptoki fixes the following issues: Security fixes: CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116 Other fixes: Fixed FIPS mode bsc1248002 Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...

SUSE-SU-2026:0569-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: Security fixes: - CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116 Other fixes: - Fixed FIPS mode bsc1248002...

openSUSE 16 Security Update : openCryptoki (openSUSE-SU-2026:20233-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20233-1 advisory. Upgrade openCryptoki to 3.26 jscPED-14609 Security fixes: - CVE-2026-22791: supplying malformed compressed EC public key can lead to heap...

CentOS 9 : opencryptoki-3.26.0-2.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the opencryptoki-3.26.0-2.el9 build changelog. - openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when...

Security update for openCryptoki (moderate)

openSUSE security update: security update for opencryptoki ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20233-1 Rating: moderate References: bsc1256673 bsc1257116 Cross-References: CVE-2026-22791 CVE-2026-23893 CVSS scores: CVE-2026-22791 SUSE :...

SUSE SLES15 Security Update : openCryptoki (SUSE-SU-2026:0481-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0481-1 advisory. - CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following bsc1257116. Tenable has extracted the preceding description...