CVE-2026-45702

A flaw was found in OP-TEE OS, a Trusted Execution Environment TEE for Arm Cortex-A cores. A type confusion vulnerability exists when OP-TEE OS processes an FFAMEMSHARE request from the normal world. This flaw can be exploited by a local attacker with high privileges when OP-TEE is configured as ...

CVE-2026-45702

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when processing an FFAMEMSHARE...

CVE-2023-49100

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

CVE-2022-46152

OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function cleanupshmrefs is called by both entryinvokecommand and entryopensession. The commands...

CVE-2022-46152 OP-TEE Trusted OS vulnerable to Improper Validation of Array Index in the cleanup_shm_refs function

OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function cleanupshmrefs is called by both entryinvokecommand and entryopensession. The commands...

CVE-2017-7564

In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service secure world panic via vectors involving debug exceptions and debug registers...