OESA-2026-1322

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-1322
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2026-1322.json
JSON Data
https://api.osv.dev/v1/vulns/OESA-2026-1322
Upstream
Published
2026-02-06T15:57:30Z
Modified
2026-02-06T16:15:29.835206Z
Summary
opencryptoki security update
Details

openCryptoki is an implementation of the PKCS #11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the application also provides an added level of security. The openCryptoki API provides a standard programming interface between applications and all kinds of portable cryptographic devices.

Security Fix(es):

A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.(CVE-2024-0914)

Database specific 
{
    "severity": "Medium"
}
References

Affected packages

openEuler:20.03-LTS-SP4 / opencryptoki

Package

Name
opencryptoki
Purl
pkg:rpm/openEuler/opencryptoki&distro=openEuler-20.03-LTS-SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-3.oe2003sp4

Ecosystem specific 

{
    "aarch64": [
        "opencryptoki-3.10.0-3.oe2003sp4.aarch64.rpm",
        "opencryptoki-debuginfo-3.10.0-3.oe2003sp4.aarch64.rpm",
        "opencryptoki-debugsource-3.10.0-3.oe2003sp4.aarch64.rpm",
        "opencryptoki-devel-3.10.0-3.oe2003sp4.aarch64.rpm",
        "opencryptoki-help-3.10.0-3.oe2003sp4.aarch64.rpm"
    ],
    "src": [
        "opencryptoki-3.10.0-3.oe2003sp4.src.rpm"
    ],
    "x86_64": [
        "opencryptoki-3.10.0-3.oe2003sp4.x86_64.rpm",
        "opencryptoki-debuginfo-3.10.0-3.oe2003sp4.x86_64.rpm",
        "opencryptoki-debugsource-3.10.0-3.oe2003sp4.x86_64.rpm",
        "opencryptoki-devel-3.10.0-3.oe2003sp4.x86_64.rpm",
        "opencryptoki-help-3.10.0-3.oe2003sp4.x86_64.rpm"
    ]
}

Database specific

source 
"https://repo.openeuler.org/security/data/osv/OESA-2026-1322.json"