PT-2026-3885 · Unknown · Opencryptoki
Pavelkohout396 · Published 2026-01-22 · Updated 2026-03-24 · CVE-2026-23893
CVSS v3.1: 6.8 (Medium)
Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
Name of the Vulnerable Software and Affected Versions: openCryptoki versions 2.3.2 and above
Description: openCryptoki is a PKCS#11 library used on Linux and AIX systems. Versions 2.3.2 and above are susceptible to symlink following when operating in privileged contexts. A user belonging to the token group can redirect file operations to arbitrary filesystem locations by creating symlinks within group-writable token directories, potentially leading to privilege escalation or data exposure. The token and lock directories are created with 0770 permissions, so any token-group member can place files and symlinks inside them. When run with root privileges, the base code that handles file access in the token directory, along with several openCryptoki administrative tools, may change the ownership or permissions of existing files in these directories. Because those operations follow symlinks, an attacker with token-group membership can exploit this whenever an administrator runs a PKCS#11 application or administrative tool that performs chown operations on files inside the token directory during routine maintenance.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
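The defect described above is the classic chown(2)-on-a-path pattern inside a directory that untrusted group members can write to. The following C program is an added example, not openCryptoki's own code, showing the hardened shape a privileged maintenance tool should use (open the entry with O_NOFOLLOW, verify through the descriptor that it is a regular file, then fchown(2) that descriptor) plus a pre-maintenance check that counts symlinks planted in a token directory. The function names, the throwaway directory created under $TMPDIR or /tmp, and the file names token.obj and planted are assumptions constructed for this example.

```c
/* Added example (not openCryptoki's code): hardened ownership fix-up for entries in a
 * group-writable (0770) token directory, plus a symlink check for administrators.
 * fixup_owner_nofollow, count_symlinks and run_demo are names chosen for this example. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

enum fixup_result {
    FIXUP_OK = 0,
    FIXUP_SYMLINK,      /* entry is a symlink: refused, nothing was touched */
    FIXUP_NOT_REGULAR,  /* entry exists but is not a regular file */
    FIXUP_ERROR         /* any other failure; errno is set */
};

/* Vulnerable shape, shown for contrast and never called here:  chown(path, uid, gid);
 * chown(2) resolves symlinks, so a link planted by a token-group member redirects a
 * root-run chown to whatever file it points at. The hardened version never hands a
 * path to chown: it opens with O_NOFOLLOW, inspects the open descriptor, then fchown()s it. */
enum fixup_result fixup_owner_nofollow(int dirfd, const char *name, uid_t uid, gid_t gid)
{
    struct stat pre, post;

    /* Cheap early refusal without following links. */
    if (fstatat(dirfd, name, &pre, AT_SYMLINK_NOFOLLOW) != 0)
        return FIXUP_ERROR;
    if (S_ISLNK(pre.st_mode))
        return FIXUP_SYMLINK;

    /* O_NOFOLLOW closes the race between the lstat above and this open (ELOOP on a
     * link); O_NONBLOCK keeps a planted FIFO from blocking the privileged tool. */
    int fd = openat(dirfd, name, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_NOCTTY | O_CLOEXEC);
    if (fd < 0)
        return errno == ELOOP ? FIXUP_SYMLINK : FIXUP_ERROR;

    if (fstat(fd, &post) != 0) { close(fd); return FIXUP_ERROR; }
    if (!S_ISREG(post.st_mode)) { close(fd); return FIXUP_NOT_REGULAR; }
    /* The object we opened must be the object we inspected (same device and inode). */
    if (post.st_dev != pre.st_dev || post.st_ino != pre.st_ino) { close(fd); return FIXUP_ERROR; }

    int rc = fchown(fd, uid, gid);   /* applies to the opened inode, never to a link target */
    close(fd);
    return rc == 0 ? FIXUP_OK : FIXUP_ERROR;
}

/* Pre-maintenance check: number of entries directly inside the directory that are symlinks.
 * A non-zero count in a 0770 token directory deserves a look before any tool runs as root.
 * Returns -1 on error. */
int count_symlinks(int dirfd)
{
    int dup_fd = dup(dirfd);                 /* fdopendir takes ownership of its fd */
    if (dup_fd < 0) return -1;
    DIR *d = fdopendir(dup_fd);
    if (d == NULL) { close(dup_fd); return -1; }
    rewinddir(d);
    int n = 0;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        struct stat st;
        if (strcmp(e->d_name, ".") == 0 || strcmp(e->d_name, "..") == 0) continue;
        if (fstatat(dirfd, e->d_name, &st, AT_SYMLINK_NOFOLLOW) == 0 && S_ISLNK(st.st_mode))
            n++;
    }
    closedir(d);
    return n;
}

/* Constructed fixture: a throwaway directory standing in for a token directory, holding one
 * real object file and one symlink pointing outside it. Returns 0 when the hardened routine
 * accepts the file, refuses the link, and the check reports exactly one link. */
int run_demo(void)
{
    char dir[256];
    const char *base = getenv("TMPDIR");
    snprintf(dir, sizeof dir, "%s/octok-demo-XXXXXX", base ? base : "/tmp");
    if (mkdtemp(dir) == NULL) return 1;
    int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (dfd < 0) return 2;

    int fd = openat(dfd, "token.obj", O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, 0640);
    if (fd < 0) return 3;
    close(fd);
    if (symlinkat("/etc/passwd", dfd, "planted") != 0) return 4;  /* the planted redirect */

    uid_t u = getuid();
    gid_t g = getgid();          /* chown to our own ids so the demo also works unprivileged */
    int rc = 0;
    if (fixup_owner_nofollow(dfd, "token.obj", u, g) != FIXUP_OK)          rc = 5;
    else if (fixup_owner_nofollow(dfd, "planted", u, g) != FIXUP_SYMLINK)  rc = 6;
    else if (count_symlinks(dfd) != 1)                                     rc = 7;

    unlinkat(dfd, "planted", 0);
    unlinkat(dfd, "token.obj", 0);
    close(dfd);
    rmdir(dir);
    return rc;
}

int main(void)
{
    int rc = run_demo();
    printf("%s (rc=%d)\n", rc == 0 ? "hardened fix-up behaved as expected" : "demo failed", rc);
    return rc;
}
```

The same descriptor-based pattern applies to permission changes (fchmod on the opened fd instead of chmod on the path). Where a tool must create rather than fix up files, O_CREAT | O_EXCL with O_NOFOLLOW refuses a pre-planted link at the target name as well.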

Tags: Exploit · LPE · Link Following

Weakness Enumeration

Related Identifiers

ALSA-2026:4717
ALSA-2026:5587
ALSA-2026:5603
AZL-75360
AZL-75381
CVE-2026-23893
GHSA-J6C7-MVPX-JX5Q
OESA-2026-1257
OESA-2026-1258
OESA-2026-1320
OESA-2026-1321
OPENSUSE-SU-2026:10086-1
OPENSUSE-SU-2026:20233-1
RHSA-2026:4717
RHSA-2026:5587
RHSA-2026:5603
RHSA-2026:5917
RHSA-2026:5919
RHSA-2026:6006
SUSE-SU-2026:0351-1
SUSE-SU-2026:0481-1
SUSE-SU-2026:0569-1
SUSE-SU-2026:0581-1
SUSE-SU-2026:0824-1
SUSE-SU-2026:20345-1
SUSE-SU-2026:20434-1
SUSE-SU-2026:21419-1
SUSE-SU-2026:21455-1

Affected Products

Opencryptoki