Lucene search
K

184 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-21871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tee: optee: Fix supplicant wait loop OP-TEE supplicant is a user-space daemon and it's possible for it be hung or crashed or killed in the middle of processing ...

5.5CVSS6.8AI score0.00187EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-35785

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix kernel panic caused by incorrect error handling The error path while failing...

7.1CVSS5.8AI score0.00232EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-47087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix incorrect page free bug Pointer to the allocated pages struct page page has...

7.8CVSS5.8AI score0.00234EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/07/25 11:23 p.m.3 views

SUSE CVE-2025-38374

In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronous...

5.5CVSS6.5AI score0.00145EPSS
Exploits0References9
OSV
OSV
added 2025/07/25 1:15 p.m.1 views

DEBIAN-CVE-2025-38374

In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronous...

5.5CVSS5.3AI score0.00145EPSS
Exploits0References1
OSV
OSV
added 2025/07/25 1:15 p.m.6 views

UBUNTU-CVE-2025-38374

In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronous...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References28
ATTACKERKB
ATTACKERKB
added 2025/07/25 12:53 p.m.4 views

CVE-2025-38374

In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronous...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/07/04 2:15 p.m.4 views

DEBIAN-CVE-2025-46733

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In version 4.5.0, using a specially crafted tee-supplicant binary running in REE userspace, an attacker can trigger a panic in a TA that...

7.9CVSS5.7AI score0.0014EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.4 views

PT-2025-36316

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's crypto/caam module that can lead to a system crash during suspend operations on iMX8QM and iMX8ULP SoCs. This occurs because the CAAM on these systems...

5.5CVSS6AI score0.00134EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 8:55 a.m.8 views

CVE-2024-20020

In OPTEE, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08522504; Issue ID: ALPS08522504...

4.4CVSS6.2AI score0.0012EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:6 a.m.4 views

CVE-2023-20808

In OPTEE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03645895; Issue ID: DTV03645895...

6.7CVSS6.6AI score0.00085EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:13 p.m.7 views

CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

7.1CVSS7.2AI score0.0026EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.7 views

Vulnerability of the optee_supp_thrd_req() function (drivers/tee/optee/supp.c) in the Linux kernel, allowing a hacker to cause a service failure

The vulnerability of the opteesuppthrdreq function drivers/tee/optee/supp.c in the Linux kernel is related to incorrect blocking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00187EPSS
Exploits0References26Affected Software8
OSV
OSV
added 2025/03/27 2:15 p.m.1 views

DEBIAN-CVE-2025-21871

In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix supplicant wait loop OP-TEE supplicant is a user-space daemon and it's possible for it be hung or crashed or killed in the middle of processing an OP-TEE RPC call. It becomes more complicated when there is incorre...

5.5CVSS5.7AI score0.00187EPSS
Exploits0References1
OSV
OSV
added 2025/03/27 2:15 p.m.9 views

UBUNTU-CVE-2025-21871

In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix supplicant wait loop OP-TEE supplicant is a user-space daemon and it's possible for it be hung or crashed or killed in the middle of processing an OP-TEE RPC call. It becomes more complicated when there is incorre...

5.5CVSS6.5AI score0.00187EPSS
Exploits0References50
Microsoft CVE
Microsoft CVE
added 2024/11/09 8:0 a.m.3 views

firmware: arm_scmi: Fix double free in OPTEE transport

...

7.8CVSS6.9AI score0.00217EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/11/06 12:0 a.m.5 views

The vulnerability of the scmi_optee_chan_free() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the scmiopteechanfree function in the drivers/firmware/armscmi/optee.c file of the Linux kernel is related to the repeated release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

7.8CVSS7.2AI score0.00217EPSS
Exploits0References21Affected Software6
OSV
OSV
added 2024/10/25 11:9 a.m.12 views

OESA-2024-2293 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is registered which is causing race...

9.8CVSS6.7AI score0.01107EPSS
Exploits0References24
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.14 views

The vulnerability of the optee component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the optee component in the Linux operating system’s kernel is related to memory release after the effective lifespan has ended. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00234EPSS
Exploits0References16Affected Software3
SUSE CVE
SUSE CVE
added 2024/10/21 3:45 p.m.3 views

SUSE CVE-2024-49853

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix double free in OPTEE transport Channels can be shared between protocols, avoid freeing the same channel descriptors twice when unloading the stack...

7.8CVSS6.6AI score0.00217EPSS
Exploits0References16
Rows per page
Query Builder