384 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-41514
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...
DEBIAN-CVE-2026-41516
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...
CVE-2026-41516
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...
DEBIAN-CVE-2026-41514
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...
CVE-2026-41514
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...
CVE-2026-41516
OP-TEE (Trusted Execution Environment for Arm Cortex-A TrustZone) contains a vulnerability in the Hisilicon HPRE PKCS#1 v1.5 RSA decryption path. From version 4.5.0 up to, but not including, 4.11.0, the RSA PKCS#1 v1.5 decryption implementation uses non-constant-time memcmp() for label hash verif...
CVE-2026-41516
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...
CVE-2026-41516
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...
EUVD-2026-41908
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...
CVE-2026-41514
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...
CVE-2026-41514
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...
CVE-2026-41514
OP-TEE affects Cortex-A TrustZone, with RSA-OAEP decryption in the Hisilicon HPRE driver vulnerable from v4.5.0 up to v4.11.0 due to non-constant-time memcmp() in label hash verification and multiple distinct error paths. This creates a padding oracle allowing plaintext recovery on ~1,000–2,000 a...
CVE-2026-41514 OP-TEE: RSA-OAEP padding oracle in Hisilicon HPRE driver enables plaintext recovery
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...
PT-2026-55974
Name of the Vulnerable Software and Affected Versions OP-TEE versions 4.5.0 through 4.10.x Description The RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver uses a non-constant-time memcmp function for label hash verification and contains multiple distinguishable error...
PT-2026-55972
Name of the Vulnerable Software and Affected Versions OP-TEE versions 4.5.0 through 4.10.x Description The RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses a non-constant-time memcmp function for label hash verification and contains multiple distinguishable error paths...
Linux Distros Unpatched Vulnerability : CVE-2026-53055
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: hisilicon/sec2 - prevent req used-after-free for sec During packet transmission, if the system is under heavy load, the hardware might complete processi...
CVE-2026-53055
A flaw was found in the Linux kernel's hisilicon/sec2 cryptographic module. Under heavy system load during packet transmission, the hardware may free request memory before the software completes its processing. This can lead to a use-after-free error when the software attempts to access the freed...
CVE-2026-53055
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec2 - prevent req used-after-free for sec During packet transmission, if the system is under heavy load, the hardware might complete processing the packet and free the request memory req before the transmission...
EUVD-2026-38923
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec2 - prevent req used-after-free for sec During packet transmission, if the system is under heavy load, the hardware might complete processing the packet and free the request memory req before the transmission...
CVE-2026-53055 crypto: hisilicon/sec2 - prevent req used-after-free for sec
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec2 - prevent req used-after-free for sec During packet transmission, if the system is under heavy load, the hardware might complete processing the packet and free the request memory req before the transmission...