{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"Medium" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"opencryptoki security update", "category":"general", "title":"Synopsis" }, { "text":"An update for opencryptoki is now available for openEuler-20.03-LTS-SP4", "category":"general", "title":"Summary" }, { "text":"openCryptoki is an implementation of the PKCS #11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the application also provides an added level of security. The openCryptoki API provides a standard programming interface between applications and all kinds of portable cryptographic devices.\n\nSecurity Fix(es):\n\nA timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.(CVE-2024-0914)", "category":"general", "title":"Description" }, { "text":"An update for opencryptoki is now available for master/openEuler-20.03-LTS-SP4/openEuler-22.03-LTS-SP3/openEuler-22.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"Medium", "category":"general", "title":"Severity" }, { "text":"opencryptoki", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2026-1322", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1322" }, { "summary":"CVE-2024-0914", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-0914&packageName=opencryptoki" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-0914" }, { "summary":"openEuler-SA-2026-1322 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2026/csaf-openeuler-sa-2026-1322.json" } ], "title":"An update for opencryptoki is now available for openEuler-20.03-LTS-SP4", "tracking":{ "initial_release_date":"2026-02-10T14:30:10+08:00", "revision_history":[ { "date":"2026-02-10T14:30:10+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2026-02-10T14:30:10+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2026-02-10T14:30:10+08:00", "id":"openEuler-SA-2026-1322", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"openEuler-20.03-LTS-SP4", "name":"openEuler-20.03-LTS-SP4" }, "name":"openEuler-20.03-LTS-SP4", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"opencryptoki-3.10.0-3.oe2003sp4.aarch64.rpm", "name":"opencryptoki-3.10.0-3.oe2003sp4.aarch64.rpm" }, "name":"opencryptoki-3.10.0-3.oe2003sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"opencryptoki-debuginfo-3.10.0-3.oe2003sp4.aarch64.rpm", "name":"opencryptoki-debuginfo-3.10.0-3.oe2003sp4.aarch64.rpm" }, "name":"opencryptoki-debuginfo-3.10.0-3.oe2003sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"opencryptoki-debugsource-3.10.0-3.oe2003sp4.aarch64.rpm", "name":"opencryptoki-debugsource-3.10.0-3.oe2003sp4.aarch64.rpm" }, "name":"opencryptoki-debugsource-3.10.0-3.oe2003sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"opencryptoki-devel-3.10.0-3.oe2003sp4.aarch64.rpm", "name":"opencryptoki-devel-3.10.0-3.oe2003sp4.aarch64.rpm" }, "name":"opencryptoki-devel-3.10.0-3.oe2003sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"opencryptoki-help-3.10.0-3.oe2003sp4.aarch64.rpm", "name":"opencryptoki-help-3.10.0-3.oe2003sp4.aarch64.rpm" }, "name":"opencryptoki-help-3.10.0-3.oe2003sp4.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"opencryptoki-3.10.0-3.oe2003sp4.src.rpm", "name":"opencryptoki-3.10.0-3.oe2003sp4.src.rpm" }, "name":"opencryptoki-3.10.0-3.oe2003sp4.src.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"opencryptoki-3.10.0-3.oe2003sp4.x86_64.rpm", "name":"opencryptoki-3.10.0-3.oe2003sp4.x86_64.rpm" }, "name":"opencryptoki-3.10.0-3.oe2003sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"opencryptoki-debuginfo-3.10.0-3.oe2003sp4.x86_64.rpm", "name":"opencryptoki-debuginfo-3.10.0-3.oe2003sp4.x86_64.rpm" }, "name":"opencryptoki-debuginfo-3.10.0-3.oe2003sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"opencryptoki-debugsource-3.10.0-3.oe2003sp4.x86_64.rpm", "name":"opencryptoki-debugsource-3.10.0-3.oe2003sp4.x86_64.rpm" }, "name":"opencryptoki-debugsource-3.10.0-3.oe2003sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"opencryptoki-devel-3.10.0-3.oe2003sp4.x86_64.rpm", "name":"opencryptoki-devel-3.10.0-3.oe2003sp4.x86_64.rpm" }, "name":"opencryptoki-devel-3.10.0-3.oe2003sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"opencryptoki-help-3.10.0-3.oe2003sp4.x86_64.rpm", "name":"opencryptoki-help-3.10.0-3.oe2003sp4.x86_64.rpm" }, "name":"opencryptoki-help-3.10.0-3.oe2003sp4.x86_64.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"opencryptoki-3.10.0-3.oe2003sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.aarch64", "name":"opencryptoki-3.10.0-3.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"opencryptoki-debuginfo-3.10.0-3.oe2003sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:opencryptoki-debuginfo-3.10.0-3.oe2003sp4.aarch64", "name":"opencryptoki-debuginfo-3.10.0-3.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"opencryptoki-debugsource-3.10.0-3.oe2003sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:opencryptoki-debugsource-3.10.0-3.oe2003sp4.aarch64", "name":"opencryptoki-debugsource-3.10.0-3.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"opencryptoki-devel-3.10.0-3.oe2003sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:opencryptoki-devel-3.10.0-3.oe2003sp4.aarch64", "name":"opencryptoki-devel-3.10.0-3.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"opencryptoki-help-3.10.0-3.oe2003sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:opencryptoki-help-3.10.0-3.oe2003sp4.aarch64", "name":"opencryptoki-help-3.10.0-3.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"opencryptoki-3.10.0-3.oe2003sp4.src.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.src", "name":"opencryptoki-3.10.0-3.oe2003sp4.src as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"opencryptoki-3.10.0-3.oe2003sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.x86_64", "name":"opencryptoki-3.10.0-3.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"opencryptoki-debuginfo-3.10.0-3.oe2003sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:opencryptoki-debuginfo-3.10.0-3.oe2003sp4.x86_64", "name":"opencryptoki-debuginfo-3.10.0-3.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"opencryptoki-debugsource-3.10.0-3.oe2003sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:opencryptoki-debugsource-3.10.0-3.oe2003sp4.x86_64", "name":"opencryptoki-debugsource-3.10.0-3.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"opencryptoki-devel-3.10.0-3.oe2003sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:opencryptoki-devel-3.10.0-3.oe2003sp4.x86_64", "name":"opencryptoki-devel-3.10.0-3.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"opencryptoki-help-3.10.0-3.oe2003sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:opencryptoki-help-3.10.0-3.oe2003sp4.x86_64", "name":"opencryptoki-help-3.10.0-3.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2024-0914", "notes":[ { "text":"A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-debuginfo-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-debugsource-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-devel-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-help-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.src", "openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-debuginfo-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-debugsource-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-devel-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-help-3.10.0-3.oe2003sp4.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-debuginfo-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-debugsource-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-devel-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-help-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.src", "openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-debuginfo-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-debugsource-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-devel-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-help-3.10.0-3.oe2003sp4.x86_64" ], "details":"opencryptoki security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1322" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.9, "vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version":"3.1" }, "products":[ "openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-debuginfo-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-debugsource-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-devel-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-help-3.10.0-3.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.src", "openEuler-20.03-LTS-SP4:opencryptoki-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-debuginfo-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-debugsource-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-devel-3.10.0-3.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:opencryptoki-help-3.10.0-3.oe2003sp4.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-0914" } ] }