CVE-2026-23893
- Source
- https://cve.org/CVERecord?id=CVE-2026-23893
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23893.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-23893
- Aliases
-
- GHSA-j6c7-mvpx-jx5q
- Downstream
- Related
- Published
- 2026-01-22T00:01:43.521Z
- Modified
- 2026-03-06T15:44:14.981965Z
- Severity
-
- 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L CVSS Calculator
- Summary
- openCryptoki has improper link resolution before file access (link following)
- Details
-
openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token directories, resulting in privilege escalation or data exposure. Token and lock directories are 0770 (group-writable for token users), so any token-group member can plant files and symlinks inside them. When run as root, the base code handling token directory file access, as well as several openCryptoki tools used for administrative purposes, may reset ownership or permissions on existing files inside the token directories. An attacker with token-group membership can exploit the system when an administrator runs a PKCS#11 application or administrative tool that performs chown on files inside the token directory during normal maintenance. This issue is fixed in commit 5e6e4b4, but has not been included in a released version at the time of publication.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23893.json", "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-59" ] }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23893.json
- https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45
- https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-j6c7-mvpx-jx5q
- https://nvd.nist.gov/vuln/detail/CVE-2026-23893
Affected packages
Git / github.com/opencryptoki/opencryptoki
Affected ranges
- Type
- GIT
- Repo
- https://github.com/opencryptoki/opencryptoki
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v2.*
v2.3.2
v2.3.3
v2.4.3
v2.4.3.1
v3.*
v3.0
v3.1
v3.10.0
v3.11.0
v3.11.1
v3.12.0
v3.12.1
v3.13.0
v3.14.0
v3.15.0
v3.15.1
v3.16.0
v3.17.0
v3.18.0
v3.19.0
v3.2
v3.20.0
v3.21.0
v3.22.0
v3.23.0
v3.24.0
v3.25.0
v3.26.0
v3.3
v3.4
v3.4.1
v3.5
v3.6
v3.6.1
v3.6.2
v3.7.0
v3.8.0
v3.8.1
v3.8.2
v3.9.0
Database specific
vanir_signatures
[
{
"id": "CVE-2026-23893-093775c1",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "open_token_nvdat_new",
"file": "usr/lib/common/loadsave.c"
},
"digest": {
"length": 466.0,
"function_hash": "54995883240599984587089555980828417381"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-116052df",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "secure_racf",
"file": "usr/lib/icsf_stdll/pbkdf.c"
},
"digest": {
"length": 1264.0,
"function_hash": "51081220938057829058675509396169401593"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-1a73f1e1",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "set_file_permissions",
"file": "usr/sbin/pkcstok_admin/pkcstok_admin.c"
},
"digest": {
"length": 1667.0,
"function_hash": "106663813666013570919063915365852190943"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-281048d0",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "open_token_object_path_new",
"file": "usr/lib/common/loadsave.c"
},
"digest": {
"length": 337.0,
"function_hash": "71721029755356685450949780482580700831"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-2ed17952",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "load_token_data",
"file": "usr/lib/common/loadsave.c"
},
"digest": {
"length": 3102.0,
"function_hash": "99321750040856286238943382644680334507"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-3e3566b5",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "open_token_data_store_path_new",
"file": "usr/lib/common/loadsave.c"
},
"digest": {
"length": 337.0,
"function_hash": "71721029755356685450949780482580700831"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-441e9e27",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "open_datastore_file",
"file": "usr/sbin/pkcstok_migrate/pkcstok_migrate.c"
},
"digest": {
"length": 421.0,
"function_hash": "112938376403105543780404004769527279708"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-49f8babd",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"file": "usr/lib/icsf_stdll/pbkdf.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"232692319011180973662454341943768431692",
"338774322811513180029831631912795480188",
"48597585850705040495417696806729802898",
"12074691428719386539703228071107634016",
"193473049795777956517093971684203995300",
"14915543135081216729983455335839427619",
"273936134344065685892466455514074994246",
"142203977544804320496300886112125593267",
"143791475590861636744304060821988232903",
"23883007264496879109762009740824156759",
"315661823104481231728535348967335530088",
"16171389934874196076797818715270955059",
"109512824865312847965608463776163181686",
"142203977544804320496300886112125593267",
"143791475590861636744304060821988232903",
"23883007264496879109762009740824156759"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2026-23893-5a47bb2b",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "open_tokenobject",
"file": "usr/sbin/pkcstok_migrate/pkcstok_migrate.c"
},
"digest": {
"length": 478.0,
"function_hash": "15486492430361592333337751580850392468"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-66485731",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "secure_masterkey",
"file": "usr/lib/icsf_stdll/pbkdf.c"
},
"digest": {
"length": 1502.0,
"function_hash": "91116549735462635982536309051617112503"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-8fe56124",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"file": "usr/lib/hsm_mk_change/hsm_mk_change.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"15489671424757511020912882242782482136",
"56666132376499984288052280688221580613",
"158449444873556860885972804391762073952",
"100472049655531559899378098258231666944",
"244177069022243385396206698881351270744",
"203829818632413880699518888193297678970"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2026-23893-97c2ea35",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "hsm_mk_change_op_open",
"file": "usr/lib/hsm_mk_change/hsm_mk_change.c"
},
"digest": {
"length": 725.0,
"function_hash": "117831461944000559904126988964586570902"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-a69d82b3",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "load_token_data_old",
"file": "usr/lib/common/loadsave.c"
},
"digest": {
"length": 1395.0,
"function_hash": "111255980867171939970060829937353436730"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-b1062670",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "open_token_nvdat",
"file": "usr/lib/common/loadsave.c"
},
"digest": {
"length": 285.0,
"function_hash": "272456828484596273941411820997138857"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-c2acf479",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"file": "usr/sbin/pkcstok_migrate/pkcstok_migrate.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"280571626916806133518066190685586719479",
"287870964696176360281130889098607678913",
"9767560235661784800692617313763495547",
"219769479816456674198607557357721478",
"274769757231512652205366398615871044233",
"3990901327397347428143804364247118291",
"237642658403159821166494880470204905459",
"97794115704669144699332225616646120293",
"124835335388175471766732942796414137141",
"105953133696313076935973892769727722614",
"229507315523916291202560026861601279664",
"3990901327397347428143804364247118291",
"237642658403159821166494880470204905459",
"97794115704669144699332225616646120293",
"124835335388175471766732942796414137141",
"324877215732406300873702252400477822721"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2026-23893-c3e5cd52",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"file": "usr/sbin/pkcstok_admin/pkcstok_admin.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"325268889751873915955488672694862286917",
"81019575694286998921099733523581017926",
"91016232480879095167974774722527008198",
"195753208025006993936672397492639233192",
"17447036333962650099765398705214614392",
"255545558299416394574598849612904940267",
"183998400731119695457177702523978787835"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2026-23893-c4b02a64",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "open_token_object_path",
"file": "usr/lib/common/loadsave.c"
},
"digest": {
"length": 230.0,
"function_hash": "243142129204337719481968259306443535278"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-c538da08",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"file": "usr/lib/common/loadsave.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"130219788216953307054710459626689921233",
"294625770732324824625974576292103679055",
"257954285725009178230658651815137998107",
"167143830701308531890689927665050979838",
"128648974904001907052833009964738541098",
"175775836956429672429260993113560017249",
"78720257673986359827460233912024815040",
"181455789857229613379344126191956298384",
"106826496157657451059027983665302831416",
"139549456515988918371305880507454612401",
"293092264195465612810696372578670431403",
"243854042999176139920443898044625671487",
"194960390909016368175620159678663867842",
"279683447924522305520958689135361899769",
"339237101718259831679288574873807772619",
"254212817142562591388885905243809012447",
"148983836213744675063194612611783035005",
"139509022303178156244081370121091959836",
"191338976358706243786390043380144929493",
"299517248325820598649125824886981893808",
"137169632033227037137342236478250802979",
"56538033647642063674930510337031613098",
"38467512979560911779400175011373844348",
"181455789857229613379344126191956298384",
"136063553657180942228748821372163794857",
"162657615778819703616094192885373254785",
"218403680927816803241778978616055643585",
"335363227638044916594014365792755763345",
"181322505521843405221618670548549931052",
"69637511809283748232363421763824155348",
"211660894862885708697540226681030023359",
"137231143477895339074556468446772638020",
"159421425504938635231275143303688374859",
"78253367602443550355323842337772277390",
"308425347313441483835631312836540163091",
"334523749171541979181658898836002679589",
"198021045692023733089118434588128805774",
"27806316873157449691677940394486174283",
"77344792549735925347411389177582763474",
"123941886387381210931555224572376598460",
"127932408877787759099760061025156436861",
"161266098772576260652484671742899828835",
"58674320299942814967629062051270028255",
"60951060684505256837575595747644506255",
"216697905415821480145657116243964013904",
"210869832628315581952964663617004346584",
"256210714852083557382067308706369661777",
"64991708944156202001775677949794399595",
"304165402018018738166441466156160729512",
"77125046306906251798439866907211187425",
"224286995324978286769175750843806532607",
"73080787325081027132854644292194465905",
"173057743506180414131403848713498998241",
"242636471791832004156266191875640524918",
"169964868101435517502305362017044922823",
"258267237471711476227122626177075212724",
"78953980434430817897684613704059268819",
"323909407104312641797712777510345357190",
"312789429515076323851241134762459607949",
"99681048147998807206779166834130966885",
"166932185762198165041346672526717960541",
"212950135753253752300602183636059321370",
"78953980434430817897684613704059268819",
"323909407104312641797712777510345357190",
"312789429515076323851241134762459607949",
"99681048147998807206779166834130966885",
"166932185762198165041346672526717960541",
"212950135753253752300602183636059321370"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2026-23893-df8f5ecd",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "save_token_object",
"file": "usr/lib/common/loadsave.c"
},
"digest": {
"length": 982.0,
"function_hash": "244029561252816256467181772674295486006"
},
"signature_type": "Function"
},
{
"id": "CVE-2026-23893-ece7ebb3",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"file": "usr/lib/common/platform.h"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"207437830062298550604623743444277200826",
"216086377252909109603564529820630454675",
"74890764580114757864662279854242840419",
"184468190930561991425453130626618712819"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2026-23893-fdc12d6a",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/opencryptoki/opencryptoki/commit/5e6e4b42f2b1fcc1e4ef1b920e463bfa55da8b45",
"target": {
"function": "open_token_data_store_path",
"file": "usr/lib/common/loadsave.c"
},
"digest": {
"length": 230.0,
"function_hash": "243142129204337719481968259306443535278"
},
"signature_type": "Function"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23893.json"