SUSE-SU-2026:21455-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2026/suse-su-202621455-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:21455-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2026:21455-1
Upstream
  • CVE-2026-40253
Related
Published
2026-04-27T12:00:49Z
Modified
2026-05-05T18:23:52.736330Z
Summary
Security update for openCryptoki
Details

This update for openCryptoki fixes the following issues:

  • CVE-2026-23893: use of symlinks in group-writable token directories can lead to privilege escalation and data exposure (bsc#1257116).
  • CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial of service (bsc#1262283).
References

Affected packages