Description
openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library (asn1.c) accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them against actual buffer boundaries. All primitive decoders are affected: ber_decode_INTEGER, ber_decode_SEQUENCE, ber_decode_OCTET_STRING, ber_decode_BIT_STRING, and ber_decode_CHOICE. Additionally, ber_decode_INTEGER can produce integer underflows when the encoded length is zero. An attacker supplying a malformed BER-encoded cryptographic object through PKCS#11 operations such as C_CreateObject or C_UnwrapKey, token loading from disk, or remote backend communication can trigger out-of-bounds reads. This affects all token backends (Soft, ICA, CCA, TPM, EP11, ICSF) since the vulnerable code is in the shared common library. A patch is available through commit ed378f463ef73364c89feb0fc923f4dc867332a3.
Published: 2026-04-16
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Out-of-bounds memory read leading to potential confidentiality or integrity compromise
Action: Immediate Patch
AI Analysis

Impact

openCryptoki implements PKCS#11 functionality with a shared library that decodes BER/DER data. The decoder functions take a raw pointer but no buffer length and trust attacker-controlled BER length fields without checking them against the buffer, which permits out-of-bounds reads, and ber_decode_INTEGER can underflow when the encoded length is zero. This is an out-of-bounds read weakness (CWE-125) that an adversary can use to read memory of the process beyond the supplied buffer. The impact is leakage of data and possible compromise of the integrity of cryptographic objects.
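
An added example (not openCryptoki's code and not the fix in the referenced commit) of the check the description says is missing: the decoder takes the buffer length, validates the BER length field against it, and rejects a zero-length INTEGER. All function names here are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical helper (not openCryptoki's API): parse one BER TLV from
 * buf[0..buf_len). Returns 0 on success, -1 on malformed input.
 * Every read is checked against buf_len before it happens. */
int ber_read_tlv(const uint8_t *buf, size_t buf_len, uint8_t tag,
                 const uint8_t **val, size_t *val_len, size_t *used)
{
    size_t pos = 0, len = 0;

    if (buf == NULL || buf_len < 2 || buf[pos++] != tag)
        return -1;                      /* need tag + one length octet */

    uint8_t first = buf[pos++];
    if ((first & 0x80) == 0) {
        len = first;                    /* short form: 0..127 */
    } else {
        size_t n = first & 0x7F;        /* long form: n length octets */
        if (n == 0 || n > sizeof(size_t) || n > buf_len - pos)
            return -1;                  /* indefinite, too wide, truncated */
        while (n--)
            len = (len << 8) | buf[pos++];
    }
    if (len > buf_len - pos)            /* claimed length vs bytes present */
        return -1;

    *val = buf + pos;
    *val_len = len;
    *used = pos + len;
    return 0;
}

/* INTEGER (tag 0x02): also reject a zero-length value, so a caller that
 * computes val_len - 1 (e.g. to skip a sign octet) cannot underflow. */
int ber_read_integer(const uint8_t *buf, size_t buf_len,
                     const uint8_t **val, size_t *val_len, size_t *used)
{
    if (ber_read_tlv(buf, buf_len, 0x02, val, val_len, used) != 0)
        return -1;
    return *val_len == 0 ? -1 : 0;
}

/* Convenience wrapper for constructed samples: value length, or -1. */
long integer_len(const void *buf, size_t buf_len)
{
    const uint8_t *val; size_t val_len, used;
    return ber_read_integer(buf, buf_len, &val, &val_len, &used) == 0
           ? (long)val_len : -1;
}
```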

Affected Systems

The vulnerability is present in openCryptoki version 3.26.0 and earlier, affecting all token backends (Soft, ICA, CCA, TPM, EP11, and ICSF) because the flawed code resides in the shared common library. Any installation of the openCryptoki library at version 3.26.0 or older that performs PKCS#11 operations such as object creation or key unwrapping is susceptible.

Risk and Exploitability

The CVSS score of 6.8 indicates a medium severity flaw. The EPSS score is below 1% (very low), and the vulnerability is not listed in KEV. An attacker who can supply a crafted BER-encoded cryptographic object to the PKCS#11 interface (via calls such as C_CreateObject or C_UnwrapKey, during token loading from disk, or through remote backend communication) can exploit the decoder to expose or corrupt memory. The attack path requires the attacker to influence input to the library, and the exploit can be triggered over a local or networked PKCS#11 client.

Generated by OpenCVE AI on April 17, 2026 at 02:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the patch identified by commit ed378f463ef73364c89feb0fc923f4dc867332a3, or upgrade to a version of openCryptoki that includes this fix.
  • Restart all services and applications that load openCryptoki so the updated library is in effect.
  • Review any custom PKCS#11 code that parses BER/DER data and eliminate reliance on the vulnerable decoder functions.



Advisories

No advisories yet.

History

Fri, 17 Apr 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 17 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Moderate


Fri, 17 Apr 2026 08:15:00 +0000

Type Values Removed Values Added
First Time appeared Opencryptoki Project
Opencryptoki Project opencryptoki
Vendors & Products Opencryptoki Project
Opencryptoki Project opencryptoki

Thu, 16 Apr 2026 22:30:00 +0000

Type Values Removed Values Added
Description openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library (asn1.c) accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them against actual buffer boundaries. All primitive decoders are affected: ber_decode_INTEGER, ber_decode_SEQUENCE, ber_decode_OCTET_STRING, ber_decode_BIT_STRING, and ber_decode_CHOICE. Additionally, ber_decode_INTEGER can produce integer underflows when the encoded length is zero. An attacker supplying a malformed BER-encoded cryptographic object through PKCS#11 operations such as C_CreateObject or C_UnwrapKey, token loading from disk, or remote backend communication can trigger out-of-bounds reads. This affects all token backends (Soft, ICA, CCA, TPM, EP11, ICSF) since the vulnerable code is in the shared common library. A patch is available through commit ed378f463ef73364c89feb0fc923f4dc867332a3.
Title openCryptoki: Memory safety vulnerabilities in BER/DER decoders in asn1.c
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 6.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-17T12:27:41.682Z

Reserved: 2026-04-10T17:31:45.786Z

Link: CVE-2026-40253

Vulnrichment

Updated: 2026-04-17T12:26:39.283Z

NVD

Status: Awaiting Analysis

Published: 2026-04-16T23:16:33.107

Modified: 2026-04-17T15:38:09.243

Link: CVE-2026-40253

Redhat

Severity: Moderate

Public Date: 2026-04-16T22:04:44Z

Links: CVE-2026-40253 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-17T08:00:10Z

Weaknesses