1985 matches found
CVE-2026-45702 OP-TEE has FF-A type confusion in SPMC tmem path that causes S-EL1 kernel panic
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when processing an FFAMEMSHARE...
CVE-2026-45702 OP-TEE has FF-A type confusion in SPMC tmem path that causes S-EL1 kernel panic
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when processing an FFAMEMSHARE...
CVE-2026-40290
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...
EUVD-2026-34139
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...
CVE-2026-40290 OP-TEE has a Use-After-Free race in FF-A shared-memory teardown
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...
CVE-2026-40290
OP-TEE (Trusted Execution Environment) on Arm Cortex-A with TrustZone suffers a Use-After-Free race in FF-A shared-memory teardown when OP-TEE is configured as an SPMC for S-EL0 SPs (CFG_SECURE_PARTITION=y). The bug lies in sp_mem_remove() not acquiring the global sp_mem_lock before freeing entri...
CVE-2026-40290 OP-TEE has a Use-After-Free race in FF-A shared-memory teardown
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...
CVE-2026-24088
Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader...
CVE-2026-24090
Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow...
PT-2026-46046
Name of the Vulnerable Software and Affected Versions OP-TEE versions 4.3.0 through 4.10.x Description A type confusion occurs in OP-TEE OS when processing an 'FFA MEM SHARE' request from the normal world. This issue specifically affects configurations where OP-TEE is set as a Secure Partition...
PT-2026-46006
Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.16.0 through 4.10.x Description A use-after-free race condition exists in the shared memory teardown logic of FF-A within SPMC/SP flows. This occurs when OP-TEE is configured as an SPMC for S-EL0 SPs using CFG SECURE...
Linux Distros Unpatched Vulnerability : CVE-2026-45702
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...
EUVD-2026-33845
Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader...
EUVD-2026-33847
Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow...
CVE-2026-24088
Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader...
CVE-2026-24090
Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow...
CVE-2026-24090
Technical details (affected products, root cause, impact, and remediation) are not publicly available in the provided documents. Monitor for updates from the vendors and CVE feed.
CVE-2026-24090 Missing Authentication for Critical Function in HLOS
Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow...
CVE-2026-24090 Missing Authentication for Critical Function in HLOS
Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow...
CVE-2026-24090
Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow...