{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40253", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-10T17:31:45.786Z", "datePublished": "2026-04-16T22:04:44.005Z", "dateUpdated": "2026-04-17T12:27:41.682Z"}, "containers": {"cna": {"title": "openCryptoki: Memory safety vulnerabilities in BER/DER decoders in asn1.c", "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-c9cf-6vr4-wfxm", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-c9cf-6vr4-wfxm"}, {"name": "https://github.com/opencryptoki/opencryptoki/commit/ed378f463ef73364c89feb0fc923f4dc867332a3", "tags": ["x_refsource_MISC"], "url": "https://github.com/opencryptoki/opencryptoki/commit/ed378f463ef73364c89feb0fc923f4dc867332a3"}], "affected": [{"vendor": "opencryptoki", "product": "opencryptoki", "versions": [{"version": "<= 3.26.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-16T22:04:44.005Z"}, "descriptions": [{"lang": "en", "value": "openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library (asn1.c) accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them against actual buffer boundaries. All primitive decoders are affected: ber_decode_INTEGER, ber_decode_SEQUENCE, ber_decode_OCTET_STRING, ber_decode_BIT_STRING, and ber_decode_CHOICE. Additionally, ber_decode_INTEGER can produce integer underflows when the encoded length is zero. An attacker supplying a malformed BER-encoded cryptographic object through PKCS#11 operations such as C_CreateObject or C_UnwrapKey, token loading from disk, or remote backend communication can trigger out-of-bounds reads. This affects all token backends (Soft, ICA, CCA, TPM, EP11, ICSF) since the vulnerable code is in the shared common library. A patch is available thorugh commit ed378f463ef73364c89feb0fc923f4dc867332a3."}], "source": {"advisory": "GHSA-c9cf-6vr4-wfxm", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-c9cf-6vr4-wfxm", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-17T12:27:37.623084Z", "id": "CVE-2026-40253", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-17T12:27:41.682Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-40253", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-17T12:27:37.623084Z"}}}], "references": [{"url": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-c9cf-6vr4-wfxm", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-17T12:26:39.283Z"}}], "cna": {"title": "openCryptoki: Memory safety vulnerabilities in BER/DER decoders in asn1.c", "source": {"advisory": "GHSA-c9cf-6vr4-wfxm", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "opencryptoki", "product": "opencryptoki", "versions": [{"status": "affected", "version": "<= 3.26.0"}]}], "references": [{"url": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-c9cf-6vr4-wfxm", "name": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-c9cf-6vr4-wfxm", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/opencryptoki/opencryptoki/commit/ed378f463ef73364c89feb0fc923f4dc867332a3", "name": "https://github.com/opencryptoki/opencryptoki/commit/ed378f463ef73364c89feb0fc923f4dc867332a3", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library (asn1.c) accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them against actual buffer boundaries. All primitive decoders are affected: ber_decode_INTEGER, ber_decode_SEQUENCE, ber_decode_OCTET_STRING, ber_decode_BIT_STRING, and ber_decode_CHOICE. Additionally, ber_decode_INTEGER can produce integer underflows when the encoded length is zero. An attacker supplying a malformed BER-encoded cryptographic object through PKCS#11 operations such as C_CreateObject or C_UnwrapKey, token loading from disk, or remote backend communication can trigger out-of-bounds reads. This affects all token backends (Soft, ICA, CCA, TPM, EP11, ICSF) since the vulnerable code is in the shared common library. A patch is available thorugh commit ed378f463ef73364c89feb0fc923f4dc867332a3."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-16T22:04:44.005Z"}}}, "cveMetadata": {"cveId": "CVE-2026-40253", "state": "PUBLISHED", "dateUpdated": "2026-04-17T12:27:41.682Z", "dateReserved": "2026-04-10T17:31:45.786Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-16T22:04:44.005Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opencryptoki_project:opencryptoki:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF4180CE-7170-49F9-ACE8-7D950D5F435B", "versionEndIncluding": "3.26.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library (asn1.c) accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them against actual buffer boundaries. All primitive decoders are affected: ber_decode_INTEGER, ber_decode_SEQUENCE, ber_decode_OCTET_STRING, ber_decode_BIT_STRING, and ber_decode_CHOICE. Additionally, ber_decode_INTEGER can produce integer underflows when the encoded length is zero. An attacker supplying a malformed BER-encoded cryptographic object through PKCS#11 operations such as C_CreateObject or C_UnwrapKey, token loading from disk, or remote backend communication can trigger out-of-bounds reads. This affects all token backends (Soft, ICA, CCA, TPM, EP11, ICSF) since the vulnerable code is in the shared common library. A patch is available thorugh commit ed378f463ef73364c89feb0fc923f4dc867332a3."}], "id": "CVE-2026-40253", "lastModified": "2026-04-22T20:15:36.703", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-16T23:16:33.107", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/opencryptoki/opencryptoki/commit/ed378f463ef73364c89feb0fc923f4dc867332a3"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Patch", "Vendor Advisory"], "url": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-c9cf-6vr4-wfxm"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Mitigation", "Patch", "Vendor Advisory"], "url": "https://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-c9cf-6vr4-wfxm"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"bugzilla": {"description": "openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects", "id": "2459076", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2459076"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "status": "draft"}, "cwe": "CWE-125", "details": ["A flaw was found in openCryptoki, a PKCS#11 (Cryptographic Token Interface Standard) library. The BER/DER (Basic Encoding Rules/Distinguished Encoding Rules) decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. This allows an attacker to supply a malformed BER-encoded cryptographic object, potentially through PKCS#11 operations, token loading, or remote backend communication. This can lead to out-of-bounds reads and integer underflows, resulting in information disclosure and a denial of service."], "name": "CVE-2026-40253", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "libica", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "opencryptoki", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "openssl-ibmca", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "libica", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "opencryptoki", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "openssl-ibmca", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "libica", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "opencryptoki", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "openssl-ibmca", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "libica", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "opencryptoki", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "openssl-ibmca", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "openssl-ibmpkcs11", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "libica", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "opencryptoki", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "openssl-ibmca", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-16T22:04:44Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-40253\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-40253\nhttps://github.com/opencryptoki/opencryptoki/commit/ed378f463ef73364c89feb0fc923f4dc867332a3\nhttps://github.com/opencryptoki/opencryptoki/security/advisories/GHSA-c9cf-6vr4-wfxm"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.26.0]"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "opencryptoki", "source": "cna", "vendor": "opencryptoki"}, "product": "opencryptoki", "vendor": "opencryptoki_project"}], "analysis": {"en": {"generated_at": "2026-04-17T02:23:30.912488+00:00", "value": {"mitigation_remediation": ["Apply the patch identified by commit ed378f463ef73364c89feb0fc923f4dc867332a3, or upgrade to a version of openCryptoki that includes this fix.", "Restart all services and applications that load openCryptoki so the updated library is in effect.", "Review any custom PKCS#11 code that parses BER/DER data and eliminate reliance on the vulnerable decoder functions."], "summary": {"action": "Immediate Patch", "impact": "Out-of-bounds memory read leading to potential confidentiality or integrity compromise"}, "threat_synthesis": {"affected_systems": "The vulnerability is present in openCryptoki version 3.26.0 and earlier, affecting all token backends\u2014Soft, ICA, CCA, TPM, EP11, and ICFS\u2014because the flawed code resides in the shared common library. Any installation of the openCryptoki library older than 3.26.0 that performs PKCS#11 operations such as object creation or key unwrapping is susceptible.", "description_and_impact": "openCryptoki implements PKCS#11 functionality with a shared library that decodes BER/DER data. The decoder functions take a raw pointer but do not accept a buffer length and blindly trust attacker-controlled BER length fields, permitting out-of-bounds reads and integer underflows when the encoded length is zero. This flaw is a classic heap memory safety weakness (CWE\u2011125) that can be leveraged by an adversary to read arbitrary memory of the process. The impact is a leakage of data and possible compromise of integrity of cryptographic objects.", "risk_and_exploitability": "The CVSS score of 6.8 indicates a medium severity flaw. An explicit EPSS score is not available, and the vulnerability is not listed in KEV. An attacker who can supply a crafted BER-encoded cryptographic object to the PKCS#11 interface\u2014via calls such as C_CreateObject or C_UnwrapKey, during token loading from disk, or through remote backend communication\u2014can exploit the decoder to expose or corrupt memory. The attack path requires the attacker to influence input to the library, and the exploit can be triggered over a local or networked PKCS#11 client."}}}}, "created": "2026-04-17T02:30:07.312139+00:00", "updated": "2026-04-17T08:00:10.884204+00:00", "vendors": ["opencryptoki_project", "opencryptoki_project$PRODUCT$opencryptoki"]}