Lucene search
+L

557 matches found

attackerkb
attackerkb
added 2026/07/06 7:27 p.m.6 views

CVE-2026-41516

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

2.5CVSS6AI score0.00099EPSS
Exploits1References2Affected Software1
attackerkb
attackerkb
added 2026/07/06 7:25 p.m.5 views

CVE-2026-41515

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.9.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses...

2.5CVSS6AI score0.00094EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/07/06 7:25 p.m.15 views

CVE-2026-41515

OP-TEE (Trusted Execution Environment for Arm Cortex-A TrustZone) has a vulnerability in the RSA-OAEP decryption path within the NXP CAAM crypto driver. From version 3.9.0 up to, but not including, 4.11.0, the driver uses non-constant-time memcmp() for label hash verification, exposing a Manger-s...

3.3CVSS6AI score0.00094EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/07/06 7:6 p.m.31 views

CVE-2026-41514 OP-TEE: RSA-OAEP padding oracle in Hisilicon HPRE driver enables plaintext recovery

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...

2.5CVSS0.00095EPSS
Exploits0References1
debiancve
debiancve
added 2026/07/06 7:6 p.m.7 views

CVE-2026-41514

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...

3.3CVSS6AI score0.00095EPSS
Exploits0
attackerkb
attackerkb
added 2026/07/06 7:6 p.m.5 views

CVE-2026-41514

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...

2.5CVSS6AI score0.00095EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2026/07/06 6:16 p.m.7 views

CVE-2026-41434

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.10.0 and prior to version 4.11.0, an unbounded recursion can crash the PKCS11 TA. Version 4.11.0 contains a patch. ...

3.3CVSS0.00105EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/06 5:24 p.m.32 views

CVE-2026-41434 OP-TEE has unbounded recursion in sanitize_client_object()

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.10.0 and prior to version 4.11.0, an unbounded recursion can crash the PKCS11 TA. Version 4.11.0 contains a patch. ...

3.3CVSS0.00105EPSS
Exploits0References1
debiancve
debiancve
added 2026/07/06 5:24 p.m.6 views

CVE-2026-41434

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.10.0 and prior to version 4.11.0, an unbounded recursion can crash the PKCS11 TA. Version 4.11.0 contains a patch. ...

3.3CVSS6AI score0.00105EPSS
Exploits0
cvelist
cvelist
added 2026/07/06 4:26 p.m.38 views

CVE-2026-40257 OP-TEE has SHA-3 accelerated finalize heap overflow

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.21.0 and prior to version 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one erro...

5.5CVSS0.00109EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/07/06 4:26 p.m.6 views

CVE-2026-40257

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.21.0 and prior to version 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one erro...

5.5CVSS6AI score0.00109EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.9 views

PT-2026-55972

Name of the Vulnerable Software and Affected Versions OP-TEE versions 4.5.0 through 4.10.x Description The RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses a non-constant-time memcmp function for label hash verification and contains multiple distinguishable error paths...

3.3CVSS6.1AI score0.00095EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.7 views

PT-2026-55974

Name of the Vulnerable Software and Affected Versions OP-TEE versions 4.5.0 through 4.10.x Description The RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver uses a non-constant-time memcmp function for label hash verification and contains multiple distinguishable error...

3.3CVSS6.1AI score0.00099EPSS
Exploits1References6
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.9 views

PT-2026-55959

Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.10.0 through 4.10.x Description OP-TEE is a Trusted Execution Environment TEE designed as a companion to a non-secure Linux kernel running on Arm Cortex-A cores using TrustZone technology. An unbounded recursion can cause the...

3.3CVSS6.1AI score0.00105EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.11 views

PT-2026-55973

Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.9.0 through 4.10.x Description The RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses a non-constant-time memcmp function for label hash verification and contains multiple distinguishable error paths. This...

3.3CVSS6.1AI score0.00094EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.7 views

PT-2026-55975

Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.3.0 through 4.10.x Description A resource leak exists in the shared memory cleanup logic of OP-TEE, a Trusted Execution Environment designed for Arm Cortex-A cores using TrustZone technology. The function cleanup shm refs in...

3.8CVSS6.1AI score0.00105EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/06/26 7:27 a.m.8 views

CVE-2026-53210

A flaw was found in the Linux kernel's Trusted Execution Environment TEE subsystem. A shared memory shm leak occurs in the registershmhelper function when TEEIOCSHMREGISTER is called with a zero-length shared memory registration. This can be triggered by a local attacker, potentially leading to a...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/06/26 12:18 a.m.6 views

CVE-2026-53273

A flaw was found in the Linux kernel's Trusted Execution Environment TEE subsystem, specifically within the OP-TEE driver. This use-after-free vulnerability occurs when a client task terminates before its associated supplicant has finished processing a request. This timing issue can lead to the...

7.8CVSS6AI score0.00126EPSS
Exploits0References4
osv
osv
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53210

In the Linux kernel, the following vulnerability has been resolved: tee: shm: fix shm leak in registershmhelper registershmhelper allocates shm before calling ioviternpages. If ioviternpages returns 0, the function jumps to errctxput and leaks shm. This can be triggered by TEEIOCSHMREGISTER with...

6.8CVSS5.7AI score0.00127EPSS
Exploits0References7
redhatcve
redhatcve
added 2026/06/11 2:59 a.m.12 views

CVE-2026-45328

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

9.3CVSS5.3AI score0.00126EPSS
Exploits0References1
Rows per page
Query Builder