Lucene search
K

384 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-41514

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...

3.3CVSS6.2AI score0.00095EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 8:16 p.m.2 views

DEBIAN-CVE-2026-41516

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

3.3CVSS6AI score0.00099EPSS
Exploits1References1
NVD
NVD
added 2026/07/06 8:16 p.m.6 views

CVE-2026-41516

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

3.3CVSS0.00099EPSS
Exploits1References1
OSV
OSV
added 2026/07/06 8:16 p.m.4 views

DEBIAN-CVE-2026-41514

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...

3.3CVSS6AI score0.00095EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 8:16 p.m.9 views

CVE-2026-41514

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...

3.3CVSS0.00095EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 7:27 p.m.9 views

CVE-2026-41516

OP-TEE (Trusted Execution Environment for Arm Cortex-A TrustZone) contains a vulnerability in the Hisilicon HPRE PKCS#1 v1.5 RSA decryption path. From version 4.5.0 up to, but not including, 4.11.0, the RSA PKCS#1 v1.5 decryption implementation uses non-constant-time memcmp() for label hash verif...

3.3CVSS6AI score0.00099EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2026/07/06 7:27 p.m.5 views

CVE-2026-41516

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

3.3CVSS6AI score0.00099EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/07/06 7:27 p.m.6 views

CVE-2026-41516

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

2.5CVSS6AI score0.00099EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/07/06 7:27 p.m.4 views

EUVD-2026-41908

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

2.5CVSS6AI score0.00099EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/07/06 7:6 p.m.7 views

CVE-2026-41514

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...

3.3CVSS6AI score0.00095EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/07/06 7:6 p.m.5 views

CVE-2026-41514

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...

2.5CVSS6AI score0.00095EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/06 7:6 p.m.12 views

CVE-2026-41514

OP-TEE affects Cortex-A TrustZone, with RSA-OAEP decryption in the Hisilicon HPRE driver vulnerable from v4.5.0 up to v4.11.0 due to non-constant-time memcmp() in label hash verification and multiple distinct error paths. This creates a padding oracle allowing plaintext recovery on ~1,000–2,000 a...

3.3CVSS6AI score0.00095EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/06 7:6 p.m.31 views

CVE-2026-41514 OP-TEE: RSA-OAEP padding oracle in Hisilicon HPRE driver enables plaintext recovery

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...

2.5CVSS0.00095EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.5 views

PT-2026-55974

Name of the Vulnerable Software and Affected Versions OP-TEE versions 4.5.0 through 4.10.x Description The RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver uses a non-constant-time memcmp function for label hash verification and contains multiple distinguishable error...

3.3CVSS6.1AI score0.00099EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.9 views

PT-2026-55972

Name of the Vulnerable Software and Affected Versions OP-TEE versions 4.5.0 through 4.10.x Description The RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses a non-constant-time memcmp function for label hash verification and contains multiple distinguishable error paths...

3.3CVSS6.1AI score0.00095EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53055

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: hisilicon/sec2 - prevent req used-after-free for sec During packet transmission, if the system is under heavy load, the hardware might complete processi...

9.8CVSS6.2AI score0.00435EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/26 5:49 p.m.8 views

CVE-2026-53055

A flaw was found in the Linux kernel's hisilicon/sec2 cryptographic module. Under heavy system load during packet transmission, the hardware may free request memory before the software completes its processing. This can lead to a use-after-free error when the software attempts to access the freed...

9.8CVSS5.7AI score0.00435EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.10 views

CVE-2026-53055

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec2 - prevent req used-after-free for sec During packet transmission, if the system is under heavy load, the hardware might complete processing the packet and free the request memory req before the transmission...

9.8CVSS0.00435EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38923

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec2 - prevent req used-after-free for sec During packet transmission, if the system is under heavy load, the hardware might complete processing the packet and free the request memory req before the transmission...

5.7AI score0.00435EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.31 views

CVE-2026-53055 crypto: hisilicon/sec2 - prevent req used-after-free for sec

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec2 - prevent req used-after-free for sec During packet transmission, if the system is under heavy load, the hardware might complete processing the packet and free the request memory req before the transmission...

9.8CVSS0.00435EPSS
Exploits0References3
Rows per page
Query Builder