Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

openSUSE 2026 leancrypto Important Security Issue CVE-2026-34610

opensuse
Calendar Grey May 25, 2026
Dist Opensuse Esm H88
openSUSE security update addresses major issues in leancrypto with several fixes and requires immediate user action.
An update that solves one vulnerability and has 4 bug fixes can now be installed.

Description

This update for leancrypto fixes the following issues

Security issue:

- CVE-2026-34610: The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant

cryptographic algorithms. Prior to version 1.7.1, lc_x509_extract_name_segment() casts size_t vlen to uint8_t when

stori (bsc#1261382).

Non security issues:

- gnutls Illegal instruction lc_kyber_768_kem_dec_selftest (bsc#1253654).

- gnutls: test pqc-hybrid-kx fails on Nehalem or older CPU (bsc#1254370).

Changes for leancrypto:

- Calculate the FIPS HMAC for the leancrypto and the leancrypto-fips

libraries. (bsc#1262399)

- Fix build on kernel 7.0

- Pick fix for ABI issue in AVX2 assembly for Curve448 causing

test failures when building with GCC 16.

- Update to 1.7.2:

* Fix RDSEED counter

* Process code by AI code checkers and apply suggested cosmetic fixes

* Heap memory: always munlock all mlock'ed memory

* Fix ChaCha20 on Apple compiled with XCode 26.4

* Fix a potential crasher with...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory DoS important OpenSUSE cryptographic library cve-2026-34610

Patch

Package List

- openSUSE Leap 16.0:

leancrypto-devel-1.7.2-160000.1.1

leancrypto-devel-static-1.7.2-160000.1.1

leancrypto-kmp-64kb-1.7.2_k6.12.0_160000.32-160000.1.1

leancrypto-kmp-default-1.7.2_k6.12.0_160000.32-160000.1.1

leancrypto-tools-1.7.2-160000.1.1

libleancrypto-fips1-1.7.2-160000.1.1

libleancrypto1-1.7.2-160000.1.1

References

* bsc#1253654

* bsc#1254370

* bsc#1261382

* bsc#1262399

References:

* https://www.suse.com/security/cve/CVE-2026-34610.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:20783-1
Rating: moderate
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Topics%20covered

Topics Covered

security advisory DoS important OpenSUSE cryptographic library cve-2026-34610

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here