138 matches found
CVE-2026-44362
OP-TEE (trusted execution environment for Arm TrustZone) has a vulnerability in subkey rollback protection affecting versions 3.20.0 through 4.10.x; during TA loading, shdr_load_pub_key() fails to propagate subkey_version into the runtime structure, so key->version stays zero. When check_updat...
CVE-2026-41434
OP-TEE (a TEE for Arm TrustZone) has an unbounded recursion in sanitize_client_object() that can crash the PKCS#11 trusted app. Affected versions are 3.10.0 up to, but not including, 4.11.0. Version 4.11.0 contains the patch. No public workarounds are documented. This CVE affects the PKCS#11 TA a...
EUVD-2026-41891
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.21.0 and prior to version 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one erro...
CVE-2026-40257
CVE-2026-40257 affects OP-TEE (Trusted Execution Environment) for Cortex-A with TrustZone. From versions 3.21.0 up to, but not including, 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one error that can cause a massive heap overflow, corrupting all TEE kernel me...
CVE-2026-40290
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...
OP-TEE Trusted OS 安全漏洞
OP-TEE Trusted OS is an implementation of the OP-TEE open-source project, which creates an open-source Trusted Execution Environment TEE that utilizes Arm TrustZone technology. There were security vulnerabilities in versions 4.3.0 to 4.11.0 of OP-TEE Trusted OS. These vulnerabilities stemmed from...
EUVD-2025-209749
In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree" This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically injects a reserved-memory node along with optee firmware node to...
CVE-2026-33662
OP-TEE (Trusted Execution Environment) has a concrete vulnerability in RSASSA PKCS#1 v1.5 padding. Affected versions are 3.8.0–4.10; the padding size (PS) is computed as modulus size minus digest/EMSA fields in emsa_pkcs1_v1_5_encode() (rsassa.c). If the modulus is small enough, this subtraction ...
EUVD-2019-11501
Malware in sbrugna...
EUVD-2019-2034
Malware in sbrugna...
EUVD-2019-2031
Malware in sbrugna...
EUVD-2019-2028
Malware in sbrugna...
EUVD-2017-1552
Malware in sbrugna...
EUVD-2019-2030
Malware in sbrugna...
EUVD-2019-2029
Malware in sbrugna...
EUVD-2019-2032
Malware in sbrugna...
EUVD-2019-2033
Malware in sbrugna...
EUVD-2017-1551
Malware in sbrugna...
EUVD-2022-48987
Malicious code in bioql PyPI...
EUVD-2021-31000
Malicious code in bioql PyPI...