openSUSE 16.0 openCryptoki Moderate Denial of Service Risk 2026-20233-1
opensuse
February 15, 2026
An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.
Description
This update for openCryptoki fixes the following issues:
Upgrade openCryptoki to 3.26 (jsc#PED-14609)
Security fixes:
- CVE-2026-22791: supplying malformed compressed EC public key can lead to heap corruption or denial-of-service (bsc#1256673).
- CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following (bsc#1257116).
Other fixes:
* Soft: Add support for RSA keys up to 16K bits.
* CCA: Add support for RSA keys up to 8K bits (requires CCA v8.4 or v7.6 or later).
* p11sak: Add support for generating RSA keys up to 16K bits.
* Soft/ICA: Add support for SHA512/224 and SHA512/256 key derivation mechanism (CKM_SHA512_224_KEY_DERIVATION and CKM_SHA512_256_KEY_DERIVATION).
* Soft/ICA/CCA/EP11: Add support for SHA-HMAC key types CKK_SHAxxx_HMAC and key gen mechanisms CKM_SHAxxx_KEY_GEN.
* p11sak: Add support for SHA-HMAC key types and key generation.
* p11sak: Add support for key wrap and unwrap commands to export and import private and secret keys by...
Read the Full Advisory
Patch
Package List
- openSUSE Leap 16.0:
openCryptoki-3.26.0-160000.1.1
openCryptoki-64bit-3.26.0-160000.1.1
openCryptoki-devel-3.26.0-160000.1.1
References
* bsc#1256673
* bsc#1257116
References:
* https://www.suse.com/security/cve/CVE-2026-22791.html
* https://www.suse.com/security/cve/CVE-2026-23893.html
PREVIOUS
NEXT
Announcement ID: openSUSE-SU-2026:20233-1
Rating: moderate
Affected Products:
openSUSE Leap 16.0
-------------------------------------------------------------
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!