
317 matches found

Debian CVE
added 2026/01/22 12:1 a.m. | 6 views

CVE-2026-23893

openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...

CVSS 6.8 | AI score 5.8 | EPSS 0.00162
Exploits: 0

CNNVD
added 2026/01/22 12:0 a.m. | 5 views

openCryptoki backend link vulnerability

openCryptoki is an open-source library and tool for Linux that utilizes the PKCS11 standard. Versions of openCryptoki 2.3.2 and later contain a post-release vulnerability due to a symbol linking issue when running in privileged environments. This vulnerability could lead to privilege escalation o...

CVSS 6.8 | AI score 5.8 | EPSS 0.00162
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/22 12:0 a.m. | 3 views

Azure Linux 3.0 Security Update: opencryptoki (CVE-2024-0914)

The version of opencryptoki installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0914 advisory. - A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RS...

CVSS 5.9 | AI score 5.5 | EPSS 0.00878
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/20 12:0 a.m. | 8 views

MiracleLinux 9 : opencryptoki-3.21.0-9.el9_3.ML.1 (AXSA:2024-7597:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7597:01 advisory. opencryptoki: timing side-channel in handling of RSA PKCS#1 v1.5 padded ciphertexts (Marvin) (CVE-2024-0914). Tenable has extracted the preceding description block...

CVSS 5.9 | AI score 5.6 | EPSS 0.00878
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/20 12:0 a.m. | 6 views

MiracleLinux 8 : opencryptoki-3.21.0-10.el8_9.ML.1 (AXSA:2024-7646:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7646:02 advisory. opencryptoki: timing side-channel in handling of RSA PKCS#1 v1.5 padded ciphertexts (Marvin) (CVE-2024-0914). Tenable has extracted the preceding description block...

CVSS 5.9 | AI score 5.6 | EPSS 0.00878
Exploits: 0 | References: 2

SUSE CVE
added 2026/01/15 12:23 a.m. | 4 views

SUSE CVE-2026-22791

openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation that allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

CVSS 6.1 | AI score 7 | EPSS 0.00237
Exploits: 1 | References: 6

OPENSUSE Linux
added 2026/01/15 12:0 a.m. | 4 views

openCryptoki-3.26.0-3.1 on GA media (moderate)

openCryptoki-3.26.0-3.1 on GA media. Announcement ID: openSUSE-SU-2026:10048-1. Rating: moderate. Cross-References: CVE-2026-22791. CVSS scores: CVE-2026-22791 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H; CVE-2026-22791 (SUSE): 6.9...

CVSS 6.9 | AI score 7.2 | EPSS 0.00237
Exploits: 1

Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-22791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP...

CVSS 6.6 | AI score 5.7 | EPSS 0.00237
Exploits: 1 | References: 3

RedhatCVE
added 2026/01/14 4:1 p.m. | 5 views

CVE-2026-22791

A flaw was found in openCryptoki, a library for cryptographic operations. A local attacker can exploit a heap buffer overflow vulnerability within the CKM_ECDH_AES_KEY_WRAP implementation. By providing a compressed Elliptic Curve (EC) public key and invoking the C_WrapKey function, the attacker can...

CVSS 6.6 | AI score 5.2 | EPSS 0.00237
Exploits: 1 | References: 6

OSV
added 2026/01/14 12:0 a.m. | 0 views

OPENSUSE-SU-2026:10048-1 openCryptoki-3.26.0-3.1 on GA media

These are all security issues fixed in the openCryptoki-3.26.0-3.1 package on the GA media of openSUSE Tumbleweed...

CVSS 6.6 | AI score 5.8 | EPSS 0.00237
Exploits: 1 | References: 1

NVD
added 2026/01/13 7:16 p.m. | 3 views

CVE-2026-22791

openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation that allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

CVSS 6.6 | EPSS 0.00237
Exploits: 1 | References: 3

UbuntuCve
added 2026/01/13 7:16 p.m. | 5 views

CVE-2026-22791

openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation that allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

CVSS 6.6 | AI score 6.1 | EPSS 0.00237
Exploits: 1 | References: 3

OSV
added 2026/01/13 7:16 p.m. | 1 view

UBUNTU-CVE-2026-22791

openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation that allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

CVSS 6.6 | AI score 6.1 | EPSS 0.00237
Exploits: 1 | References: 4

Cvelist
added 2026/01/13 7:6 p.m. | 20 views

CVE-2026-22791 openCryptoki incorrectly calculates the buffer size in C_WrapKey with CKM_ECDH_AES_KEY_WRAP

openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation that allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

CVSS 6.6 | EPSS 0.00237
Exploits: 1 | References: 3

Vulnrichment
added 2026/01/13 7:6 p.m. | 3 views

CVE-2026-22791 openCryptoki incorrectly calculates the buffer size in C_WrapKey with CKM_ECDH_AES_KEY_WRAP

openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation that allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

CVSS 6.6 | AI score 6.6 | EPSS 0.00237
Exploits: 1 | References: 3

EUVD
added 2026/01/13 7:6 p.m. | 4 views

EUVD-2026-2415

openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation that allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

CVSS 6.6 | AI score 6.5 | EPSS 0.00237
Exploits: 1 | References: 3

CVE
added 2026/01/13 7:6 p.m. | 14 views

CVE-2026-22791

CVE-2026-22791 affects the openCryptoki PKCS#11 library for Linux/AIX. The vulnerability is a heap buffer overflow in the CKM_ECDH_AES_KEY_WRAP implementation triggered by supplying a compressed EC public key and calling C_WrapKey, allowing a local attacker to cause out-of-bounds writes in the ho...

CVSS 6.6 | AI score 6.6 | EPSS 0.00237
Exploits: 1 | References: 3 | Affected Software: 1

OSV
added 2026/01/13 7:6 p.m. | 2 views

CVE-2026-22791 openCryptoki incorrectly calculates the buffer size in C_WrapKey with CKM_ECDH_AES_KEY_WRAP

openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation that allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

CVSS 6.6 | AI score 6.9 | EPSS 0.00237
Exploits: 1 | References: 5

Debian CVE
added 2026/01/13 7:6 p.m. | 6 views

CVE-2026-22791

openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation that allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

CVSS 6.6 | AI score 5.6 | EPSS 0.00237
Exploits: 1

CNNVD
added 2026/01/13 12:0 a.m. | 3 views

openCryptoki security vulnerability

openCryptoki is an open-source PKCS#11 library and tools for Linux. A security vulnerability exists in openCryptoki versions 3.25.0 and 3.26.0, which stems from a heap buffer overflow in the CKM_ECDH_AES_KEY_WRAP implementation that could lead to heap corruption or denial of service...

CVSS 6.6 | AI score 6 | EPSS 0.00237
Exploits: 1 | References: 4