Explore top 10 tips to secure your open-source projects now. Read More
×
## This update for openCryptoki fixes the following issues: Upgrade openCryptoki to 3.26 (jsc#PED-14609) Security fixes: * CVE-2026-22791: supplying malformed compressed EC public key can lead to heap corruption or denial-of-service (bsc#1256673). * CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following (bsc#1257116). Other fixes: * Soft: Add support for RSA keys up to 16K bits. * CCA: Add support for RSA keys up to 8K bits (requires CCA v8.4 or v7.6 or later). * p11sak: Add support for generating RSA keys up to 16K bits. * Soft/ICA: Add support for SHA512/224 and SHA512/256 key derivation mechanism (CKM_SHA512_224_KEY_DERIVATION and CKM_SHA512_256_KEY_DERIVATION). * Soft/ICA/CCA/EP11: Add support for SHA-HMAC key types CKK_SHAxxx_HMAC and key gen mechanisms CKM_SHAxxx_KEY_GEN.
* bsc#1256673
* bsc#1257116
* jsc#PED-14609
* jsc#PED-14798
Cross-
* CVE-2026-22791
* CVE-2026-23893
CVSS scores:
* CVE-2026-22791 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-22791 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-22791 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2026-22791 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-23893 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
* CVE-2026-23893 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
Affected Products:
* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP Applications 16.0
An update that solves two vulnerabilities and contains two features can now be
installed.
Get the latest Linux and open source security news straight to your inbox.