316 matches found
SUSE-SU-2026:21593-1 Security update for openCryptoki
This update for openCryptoki fixes the following issues Security issue: - CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects bsc1262283. Non security issue: - Refactored .spec file to fully support transactional and immutable operating systems jscPED-14609: Migrated user...
Security update for openCryptoki
This update for openCryptoki fixes the following issues: CVE-2026-40253: updated fix by IBM for malformed BER-encoded cryptographic objects bsc1263819 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2026:1723-1 Security update for openCryptoki
This update for openCryptoki fixes the following issues: - CVE-2026-40253: updated fix by IBM for malformed BER-encoded cryptographic objects bsc1263819...
SUSE-SU-2026:21492-1 Security update for openCryptoki
This update for openCryptoki fixes the following issues: - CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects bsc1263819...
Fedora 45 : opencryptoki (2026-d63e3968e8)
The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d63e3968e8 advisory. Automatic update for opencryptoki-3.26.0-3.fc45. Changelog Tue May 5 2026 Than Ngo - 3.26.0-3 - Fix rhbz2432016: CVE-2026-23893, Privilege Escalation or Data...
OESA-2026-2166 opencryptoki security update
openCryptoki is an implementation of the PKCS 11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...
OESA-2026-2165 opencryptoki security update
openCryptoki is an implementation of the PKCS 11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...
OESA-2026-2164 opencryptoki security update
openCryptoki is an implementation of the PKCS 11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...
Security update for openCryptoki
This update for openCryptoki fixes the following issue: CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial of service bsc1262283. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2026:1658-1 Security update for openCryptoki
This update for openCryptoki fixes the following issue: - CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial of service bsc1262283...
SUSE-SU-2026:21419-1 Security update for openCryptoki
This update for openCryptoki fixes the following issues: - CVE-2026-23893: use of symlinks in group-writable token directories can lead to privilege escalation and data exposure bsc1257116. - CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial...
SUSE-SU-2026:21455-1 Security update for openCryptoki
This update for openCryptoki fixes the following issues: - CVE-2026-23893: use of symlinks in group-writable token directories can lead to privilege escalation and data exposure bsc1257116. - CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial...
openCryptoki-3.26.0-6.1 on GA media (moderate)
openCryptoki-3.26.0-6.1 on GA media Announcement ID: openSUSE-SU-2026:10593-1 Rating: moderate Cross-References: CVE-2026-40253 CVSS scores: CVE-2026-40253 SUSE : 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H CVE-2026-40253 SUSE : 7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA...
OPENSUSE-SU-2026:10593-1 openCryptoki-3.26.0-6.1 on GA media
These are all security issues fixed in the openCryptoki-3.26.0-6.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-40253
A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...
CVE-2026-40253
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...
DEBIAN-CVE-2026-40253
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...
CVE-2026-40253
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...
UBUNTU-CVE-2026-40253
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...
CVE-2026-40253 openCryptoki: Memory safety vulnerabilities in BER/DER decoders in asn1.c
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...